GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
160 advisories
A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03....
Moderate, Unreviewed. CVE-2025-1225 was published Feb 12, 2025

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail...
Moderate, Unreviewed. CVE-2020-36772 was published Jan 22, 2024

External control of file name or path in Microsoft Defender for Endpoint allows an authorized...
Moderate, Unreviewed. CVE-2025-26684 was published May 13, 2025

In certain highly specific configurations of the host system and MongoDB server binary...
Moderate, Unreviewed. CVE-2024-8207 was published Aug 27, 2024

HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can...
High, Unreviewed. CVE-2024-42168 was published Jan 11, 2025

CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists...
High, Unreviewed. CVE-2025-2875 was published May 14, 2025

Agent-to-controller security bypass vulnerabilities in Jenkins Compuware Topaz for Total Test Plugin
High. CVE-2022-43428 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022

Agent-to-controller security bypass vulnerability in Jenkins BMC Compuware Source Code Download for Endevor, PDS, and ISPW Plugin
Moderate. CVE-2022-43423 was published for com.compuware.jenkins:compuware-scm-downloader (Maven) Oct 19, 2022

The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be...
Moderate, Unreviewed. CVE-2017-15269 was published May 13, 2022

An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1,...
Moderate, Unreviewed. CVE-2017-0211 was published May 13, 2022

In Multiple Locations, there is a possibility to launch arbitrary protected activities due to a...
High, Unreviewed. CVE-2022-20550 was published Dec 20, 2022

In onPreferenceClick of AccountTypePreferenceLoader.java, there is a possible way to retrieve...
Moderate, Unreviewed. CVE-2022-20515 was published Dec 20, 2022

Netskope Client on Mac OS is impacted by a vulnerability in which the postinstall script does not...
Moderate, Unreviewed. CVE-2024-13177 was published Apr 15, 2025

A vulnerability, which was classified as problematic, was found in zhangyanbo2007 youkefu up to 4...
Moderate, Unreviewed. CVE-2025-3241 was published Apr 4, 2025

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up...
High, Unreviewed. CVE-2022-2431 was published Sep 7, 2022

A vulnerability, which was classified as problematic, has been found in crmeb_java up to 1.3.4....
Moderate, Unreviewed. CVE-2025-2365 was published Mar 17, 2025

There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 thru 11.3 that may allow a...
High, Unreviewed. CVE-2024-51961 was published Mar 3, 2025

In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a...
High, Unreviewed. CVE-2023-20964 was published Mar 24, 2023

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an...
High, Unreviewed. CVE-2025-0111 was published Feb 12, 2025

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database...
High, Unreviewed. CVE-2024-10979 was published Nov 14, 2024

A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender...
High, Unreviewed. CVE-2023-6154 was published Apr 1, 2024

php-svg-lib lacks path validation on font through SVG inline styles
Moderate. CVE-2024-25117 was published for phenx/php-svg-lib (Composer) Feb 21, 2024

An externally controlled reference to a resource in another sphere in Fortinet FortiManager before...
Moderate, Unreviewed. CVE-2022-23439 was published Jan 22, 2025

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
High, Unreviewed. CVE-2022-30190 was published Jun 2, 2022

In updateNotificationChannelFromPrivilegedListener of NotificationManagerService.java, there is a...
High, Unreviewed. CVE-2024-31319 was published Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API.