Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,976 advisories

Loading
In the process-sync crate 0.2.2 for Rust, the drop function lacks a check for whether the... Low Unreviewed
CVE-2025-48752 was published May 24, 2025
In the anode crate 0.1.0 for Rust, data races can occur in unlock in SpinLock. Low Unreviewed
CVE-2025-48753 was published May 24, 2025
In group_number in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware... Low Unreviewed
CVE-2025-48756 was published May 24, 2025
The process_lock crate 0.1.0 for Rust allows data races in unlock. Low Unreviewed
CVE-2025-48751 was published May 24, 2025
In the spiral-rs crate 0.2.0 for Rust, allocation can be attempted for a ZST (zero-sized type). Low Unreviewed
CVE-2025-48755 was published May 24, 2025
In the memory_pages crate 0.1.0 for Rust, division by zero can occur. Low Unreviewed
CVE-2025-48754 was published May 24, 2025
parse_string in cJSON before 1.7.18 has a heap-based buffer over-read via {"1":1, with no... Low Unreviewed
CVE-2023-53154 was published May 23, 2025
DNN site Import could use an external source with a crafted request Low
CVE-2025-48376 was published for DotNetNuke.SiteExportImport (NuGet) May 23, 2025
valadas donker
bdukes
A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7... Low Unreviewed
CVE-2024-9163 was published May 23, 2025
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks... Low Unreviewed
CVE-2025-48708 was published May 23, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
TagLib before 2.0 allows a segmentation violation and application crash during tag writing via a... Low Unreviewed
CVE-2023-47466 was published May 22, 2025
Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse... Low Unreviewed
CVE-2025-48009 was published May 21, 2025
A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical.... Low Unreviewed
CVE-2025-5030 was published May 21, 2025
Ackites KillWxapkg Zip Bomb Resource Exhaustion Low
CVE-2025-5031 was published for github.com/Ackites/KillWxapkg (Go) May 21, 2025
The Backup Plus extension for TYPO3 (ns_backup) allows XSS Low
CVE-2025-48206 was published for nitsan/ns-backup (Composer) May 21, 2025
Input provided in a field containing "activationMessage" in Konsola Proget is not sanitized... Low Unreviewed
CVE-2025-1420 was published May 21, 2025
Data provided in a request performed to the server while activating a new device are put in a... Low Unreviewed
CVE-2025-1421 was published May 21, 2025
Input provided in comment section of Konsola Proget is not sanitized correctly, allowing a high... Low Unreviewed
CVE-2025-1419 was published May 21, 2025
TYPO3 Unverified Password Change for Backend Users Low
CVE-2025-47938 was published for typo3/cms-core (Composer) May 20, 2025
bnf
TYPO3 Allows Information Disclosure via DBAL Restriction Handling Low
CVE-2025-47937 was published for typo3/cms-core (Composer) May 20, 2025
christianfutterlieb eliashaeussler
TYPO3 CMS Webhooks Server Side Request Forgery Low
CVE-2025-47936 was published for typo3/cms-webhooks (Composer) May 20, 2025
bnf
Failed login response could be different depending on whether the username was local or central. Low Unreviewed
CVE-2025-48015 was published May 20, 2025
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME... Low Unreviewed
CVE-2025-4945 was published May 19, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3... Low Unreviewed
CVE-2025-31185 was published May 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database