Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,331
Erlang
31
GitHub Actions
21
Go
2,093
Maven
5,000+
npm
3,756
NuGet
678
pip
3,443
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

242,200 advisories

Loading
The Avada Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the... Moderate Unreviewed
CVE-2024-12477 was published Jan 23, 2025
By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals... Moderate Unreviewed
CVE-2024-9310 was published Jan 22, 2025
Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to... Unknown Unreviewed
CVE-2025-0611 was published Jan 22, 2025
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote... Unknown Unreviewed
CVE-2025-0612 was published Jan 22, 2025
For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker... High Unreviewed
CVE-2024-11166 was published Jan 22, 2025
A Cross Site Request Forgery (CSRF) vulnerability in Code Astro Internet banking system 2.0.0... Unknown Unreviewed
CVE-2024-56924 was published Jan 22, 2025
D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp. Unknown Unreviewed
CVE-2024-56914 was published Jan 22, 2025
In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control... Unknown Unreviewed
CVE-2024-55957 was published Jan 22, 2025
Improper Privilege Management vulnerability in Cloudflare WARP on Windows allows File... Moderate Unreviewed
CVE-2025-0651 was published Jan 22, 2025
In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side Enforcement of Server-Side Security... Unknown Unreviewed
CVE-2024-42013 was published Jan 22, 2025
A stored cross-site scripting (XSS) vulnerability in Umbraco CMS v14.3.1 allows attackers to... Unknown Unreviewed
CVE-2024-55488 was published Jan 22, 2025
A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS <= 2.6.4 allows... Unknown Unreviewed
CVE-2024-24429 was published Jan 22, 2025
Synnefo Internet Management Software 2023 was discovered to contain a SQL injection vulnerability. Unknown Unreviewed
CVE-2023-37777 was published Jan 22, 2025
GRAU DATA Blocky before 3.1 stores passwords encrypted rather than hashed. At the login screen,... Unknown Unreviewed
CVE-2024-42012 was published Jan 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-23992 was published Jan 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23809 was published Jan 22, 2025
A vulnerability in the REST API of Cisco Meeting Management could allow a remote, authenticated... Critical Unreviewed
CVE-2025-20156 was published Jan 22, 2025
In certain circumstances, an issue in Arm Cortex-A72 (revisions before r1p0), Cortex-A73 and... Unknown Unreviewed
CVE-2024-10929 was published Jan 22, 2025
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2... High Unreviewed
CVE-2024-31903 was published Jan 22, 2025
The initial code parsing the manifest did not check the content of the file names yet later code... High Unreviewed
CVE-2025-0638 was published Jan 22, 2025
Deserialization of Untrusted Data vulnerability in NotFound Muzaara Google Ads Report allows... Critical Unreviewed
CVE-2025-23914 was published Jan 22, 2025
IBM Robotic Process Automation for Cloud Pak 21.0.0 through 21.0.7.19 and 23.0.0 through 23.0.19... Moderate Unreviewed
CVE-2024-51457 was published Jan 22, 2025
A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could... Moderate Unreviewed
CVE-2025-20128 was published Jan 22, 2025
A vulnerability in the SIP processing subsystem of Cisco BroadWorks could allow an... High Unreviewed
CVE-2025-20165 was published Jan 22, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23966 was published Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database