Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,721
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,946
NuGet
711
pip
3,723
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

257,212 advisories

Loading
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed
CVE-2025-31500 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-36298 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-43493 was published May 28, 2025
Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via... High Unreviewed
CVE-2025-30087 was published May 28, 2025
An arbitrary file upload vulnerability in the opcode 500 functionality of M2Soft CROWNIX Report &... Unknown Unreviewed
CVE-2024-57337 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-34859 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-33893 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-38092 was published May 28, 2025
Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v... Moderate Unreviewed
CVE-2025-48747 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-40970 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-43502 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-34860 was published May 28, 2025
Netwrix Directory Manager v.11.0.0.0 and before & after v.11.1.25134.03 contains a hardcoded... Unknown Unreviewed
CVE-2025-47748 was published May 28, 2025
In some cases, Kea log files or lease files may be world-readable. This issue affects Kea... Moderate Unreviewed
CVE-2025-32803 was published May 28, 2025
An arbitrary file upload vulnerability in M2Soft CROWNIX Report & ERS v5.x to v5.5.14.1070, v7.x... Unknown Unreviewed
CVE-2024-57338 was published May 28, 2025
Improper neutralization of the value of the 'eventMoreText' property of the 'VCalendar' component... Moderate Unreviewed
CVE-2025-1461 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-43496 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-36406 was published May 28, 2025
Netwrix Directory Manager (formerly Imanami GroupID) v11.0.0.0 and before & after v.11.1.25134.03... Unknown Unreviewed
CVE-2025-48749 was published May 28, 2025
Incorrect access control in M2Soft CROWNIX Report & ERS affected v7.x to v7.4.3.599 and v8.x to... Unknown Unreviewed
CVE-2024-57336 was published May 28, 2025
Best Practical RT (Request Tracker) 5.0 through 5.0.7 allows XSS via JavaScript injection in an... High Unreviewed
CVE-2025-31501 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-26304 was published May 28, 2025
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap... Moderate Unreviewed
CVE-2025-48927 was published May 28, 2025
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to... Moderate Unreviewed
CVE-2025-48925 was published May 28, 2025
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority... Unknown Unreviewed
CVE-2022-26038 was published May 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database