GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

12,676 advisories
                    
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). ...
Low | Unreviewed | CVE-2025-21520 was published Jan 21, 2025
                    
This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS...
Low | Unreviewed | CVE-2025-24193 was published Apr 1, 2025
                    
During an address list folding when a separating comma ends up on a folded line and that line is...
Low | Unreviewed | CVE-2025-1795 was published Feb 28, 2025
                    
A stack consumption issue in sqfs_size in Das U-Boot before 2025.01-rc1 occurs via a crafted...
Low | Unreviewed | CVE-2024-57257 was published Feb 19, 2025
                    
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2025-24145 was published Jan 28, 2025
                    
An authentication issue was addressed with improved state management. This issue is fixed in iOS...
Low | Unreviewed | CVE-2025-24141 was published Jan 28, 2025
                    
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:...
Low | Unreviewed | CVE-2025-21546 was published Jan 21, 2025
                    
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Low | Unreviewed | CVE-2024-12425 was published Jan 7, 2025
                    
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges....
Low | Unreviewed | CVE-2019-15790 was published May 24, 2022
                    
In Shadow 4.13, it is possible to inject control characters into fields provided to the SUID...
Low | Unreviewed | CVE-2023-29383 was published Apr 15, 2023
                    
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability...
Low | Unreviewed | CVE-2021-36054 was published May 24, 2022
                    
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability...
Low | Unreviewed | CVE-2021-36053 was published May 24, 2022
                    
XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability...
Low | Unreviewed | CVE-2021-36045 was published May 24, 2022
                    
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be...
Low | Unreviewed | CVE-2019-11483 was published May 24, 2022
                    
The installation component in Hospira MedNet before 6.1 places cleartext credentials in...
Low | Unreviewed | CVE-2014-5400 was published May 17, 2022
                    
Langchain-Chatchat vulnerable to path traversal
Low | CVE-2025-6854 was published for langchain-chatchat (pip) Jun 29, 2025
                    
Langchain-Chatchat vulnerable to path traversal
Low | CVE-2025-6855 was published for langchain-chatchat (pip) Jun 29, 2025
                    
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor...
Low | Unreviewed | CVE-2024-36331 was published Sep 6, 2025
                    
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout,...
Low | Unreviewed | CVE-2025-54812 was published Aug 22, 2025
                    
A vulnerability was identified in fushengqian fuint up to...
Low | Unreviewed | CVE-2025-12623 was published Nov 3, 2025
                    
A security vulnerability has been detected in PHPGurukul News Portal 1.0. The affected element is...
Low | Unreviewed | CVE-2025-12615 was published Nov 3, 2025
                    
/etc/timezone can be Arbitrarily Written. This issue affects BLU-IC2: through 1.19.5; BLU-IC4:...
Low | Unreviewed | CVE-2025-12603 was published Nov 1, 2025
                    
/etc/avahi/services/z9.service can be Arbitrarily Written. This issue affects BLU-IC2: through 1...
Low | Unreviewed | CVE-2025-12602 was published Nov 1, 2025
                    
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 uses weak...
Low | Unreviewed | CVE-2014-2381 was published May 17, 2022
                    
Schneider Electric Wonderware Information Server (WIS) Portal 4.0 SP1 through 5.5 allows remote...
Low | Unreviewed | CVE-2014-5398 was published May 17, 2022
        
ProTip! Advisories are also available from the GraphQL API