Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

21,129 advisories

Loading
LibreNMS Misc Section Stored Cross-site Scripting vulnerability Moderate
CVE-2025-23200 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
LibreNMS Ports Stored Cross-site Scripting vulnerability Moderate
CVE-2025-23199 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
LibreNMS Display Name Stored Cross-site Scripting vulnerability Moderate
CVE-2025-23198 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
CVE-2024-5138: snapd snapctl auth bypass Moderate
CVE-2024-5138 was published for github.com/snapcore/snapd (Go) Jan 16, 2025
rmcnamara-snyk
LibreNMS Display Name 2 Stored Cross-site Scripting vulnerability Moderate
CVE-2024-56144 was published for librenms/librenms (Composer) Jan 16, 2025
tCu0n9
parse-uri Regular expression Denial of Service (ReDoS) Moderate
CVE-2024-36751 was published for parse-uri (npm) Jan 16, 2025
Crayfish allows Remote Code Execution via Homarus Authorization header Critical
GHSA-mm6v-68qp-f9fw was published for islandora/crayfish (Composer) Jan 15, 2025
seth-shaw-asu adam-vessey
SP1 has missing verifier checks and fiat-shamir observations High
GHSA-c873-wfhp-wx5m was published for sp1-stark (Rust) Jan 15, 2025
Sentry's improper authentication on SAML SSO process allows user impersonation Critical
CVE-2025-22146 was published for sentry (pip) Jan 15, 2025
Muhammad-Qasim-Munir
Insecure Temporary File in RESTEasy Moderate
CVE-2023-0482 was published for org.jboss.resteasy:resteasy-core (Maven) Jan 15, 2025
Mattermost fails to properly validate post props Moderate
CVE-2025-20088 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 15, 2025
Mattermost fails to properly validate post props Moderate
CVE-2025-20086 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 15, 2025
Mattermost Incorrect Type Conversion or Cast Moderate
CVE-2025-21088 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 15, 2025
Mongoose search injection vulnerability Critical
CVE-2025-23061 was published for mongoose (npm) Jan 15, 2025
skrtheboss
Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message Low
GHSA-mqf3-qpc3-g26q was published for silverstripe/framework (Composer) Jan 14, 2025
Silverstripe Framework has a XSS in form messages Moderate
CVE-2024-53277 was published for silverstripe/framework (Composer) Jan 14, 2025
Silverstripe Framework has a XSS via insert media remote file oembed Moderate
CVE-2024-47605 was published for silverstripe/framework (Composer) Jan 14, 2025
Lodestar snappy checksum issue Low
GHSA-m9c9-mc2h-9wjw was published for @lodestar/reqresp (npm) Jan 14, 2025
gln7
Lodestar snappy decompression issue Low
GHSA-53rv-hcvm-rpp9 was published for @lodestar/reqresp (npm) Jan 14, 2025
gln7
Rancher UI has Stored Cross-site Scripting vulnerability High
CVE-2024-52281 was published for github.com/rancher/rancher (Go) Jan 14, 2025
Django has a potential denial-of-service vulnerability in IPv6 validation Moderate
CVE-2024-56374 was published for Django (pip) Jan 14, 2025
Git LFS permits exfiltration of credentials via crafted HTTP URLs High
CVE-2024-53263 was published for github.com/git-lfs/git-lfs (Go) Jan 14, 2025
Ry0taK
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability High
CVE-2025-21176 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability High
CVE-2025-21172 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability High
CVE-2025-21171 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database