GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,810
Erlang: 36
GitHub Actions: 31
Go: 2,395
Maven: 5,000+
npm: 4,030
NuGet: 721
pip: 3,820
Pub: 12
RubyGems: 932
Rust: 988
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
134,255 advisories
ping in iputils through 20240905 allows a denial of service (application error or incorrect data...
Moderate | Unreviewed | CVE-2025-47268 was published May 5, 2025

A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker...
Moderate | Unreviewed | CVE-2020-3411 was published May 24, 2022

A vulnerability in the configuration archive functionality of Cisco DNA Center could allow any...
Moderate | Unreviewed | CVE-2021-1265 was published May 24, 2022

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 GUI is affected by cross-site WebSocket hijacking...
Moderate | Unreviewed | CVE-2025-36116 was published Jul 23, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Moderate | Unreviewed | CVE-2025-4411 was published Jul 23, 2025

IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 transmits sensitive information...
Moderate | Unreviewed | CVE-2025-33020 was published Jul 23, 2025

A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface,...
Moderate | Unreviewed | CVE-2025-40598 was published Jul 23, 2025

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as ...
Moderate | Unreviewed | CVE-2025-54090 was published Jul 23, 2025

IBM Db2 Mirror for i 7.4, 7.5, and 7.6 does not disallow the session id after use which could...
Moderate | Unreviewed | CVE-2025-36117 was published Jul 23, 2025

The JavaScript engine did not handle closed generators correctly and it was possible to resume...
Moderate | Unreviewed | CVE-2025-8033 was published Jul 22, 2025

On 64-bit platforms IonMonkey-JIT only wrote 32 bits of the 64-bit return value space on the...
Moderate | Unreviewed | CVE-2025-8027 was published Jul 22, 2025

Buffer Overflow vulnerability in gdal 3.10.2 allows a local attacker to cause a denial of service...
Moderate | Unreviewed | CVE-2025-29480 was published Apr 7, 2025

Multiple vulnerabilities in the web-based management interface of Cisco DNA Center software could...
Moderate | Unreviewed | CVE-2020-3466 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco DNA Center software could allow an...
Moderate | Unreviewed | CVE-2021-1130 was published May 24, 2022

HAX CMS application pages vulnerable to clickjacking
Moderate | CVE-2025-54139 was published for @haxtheweb/haxcms-nodejs (Composer) Jul 21, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-40682 was published Jul 23, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-40686 was published Jul 23, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-41750 was published Jul 23, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-41751 was published Jul 23, 2025

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HotelRunner B2B allows...
Moderate | Unreviewed | CVE-2025-4296 was published Jul 23, 2025

Zohocorp ManageEngine Applications Manager versions 176600 and prior are vulnerable to stored...
Moderate | Unreviewed | CVE-2025-27930 was published Jul 23, 2025

A Reflected XSS vulnerability in DJ-Reviews component 1.0-1.3.6 for Joomla was discovered.
Moderate | Unreviewed | CVE-2025-54295 was published Jul 23, 2025

Cross-site request forgery (CSRF) vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to...
Moderate | Unreviewed | CVE-2024-11014 was published Nov 29, 2024

SAP FICA ODN framework allows a high privileged user to inject value inside the local variable...
Moderate | Unreviewed | CVE-2025-42947 was published Jul 23, 2025

Improper validation of specified quantity in input issue exists in Real-time Bus Tracking System...
Moderate | Unreviewed | CVE-2025-43881 was published Jul 23, 2025
ProTip! Advisories are also available from the GraphQL API.