GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,894
Erlang: 38
GitHub Actions: 38
Go: 2,552
Maven: 5,000+
npm: 4,224
NuGet: 746
pip: 3,999
Pub: 12
RubyGems: 953
Rust: 1,041
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
112,524 advisories
The Social proof testimonials and reviews by Repuso plugin for WordPress is vulnerable to Stored...
High | Unreviewed | CVE-2024-13351 was published Jan 15, 2025
Integer overflow in Skia in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to...
High | Unreviewed | CVE-2025-0436 was published Jan 15, 2025
In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a...
High | Unreviewed | CVE-2024-4227 was published Jan 15, 2025
Cross-site scripting vulnerability in NEC Corporation Aterm WG2600HS Ver.1.7.2 and earlier,...
High | Unreviewed | CVE-2025-0354 was published Jan 15, 2025
Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver...
High | Unreviewed | CVE-2025-0355 was published Jan 15, 2025
Stack-based buffer overflow vulnerability exists in Linux Ratfor 1.06 and earlier. When the...
High | Unreviewed | CVE-2024-55577 was published Jan 15, 2025
In Yubico pam-u2f before 1.3.1, local privilege escalation can sometimes occur. This product...
High | Unreviewed | CVE-2025-23013 was published Jan 15, 2025
ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before 1.24.0 was discovered to contain a WiFi...
High | Unreviewed | CVE-2024-42911 was published Jan 15, 2025
MSFM before v2025.01.01 was discovered to contain a deserialization vulnerability via the pom.xml...
High | Unreviewed | CVE-2024-57762 was published Jan 15, 2025
MSFM before 2025.01.01 was discovered to contain a SQL injection vulnerability via the s_name...
High | Unreviewed | CVE-2024-57765 was published Jan 15, 2025
MSFM before v2025.01.01 was discovered to contain a Server-Side Request Forgery (SSRF) via the...
High | Unreviewed | CVE-2024-57767 was published Jan 15, 2025
Flatnotes <v5.3.1 is vulnerable to denial of service through the upload image function.
High | Unreviewed | CVE-2024-54730 was published Jan 15, 2025
JeeWMS before v2025.01.01 was discovered to contain a permission bypass in the component ...
High | Unreviewed | CVE-2024-57757 was published Jan 15, 2025
An arbitrary file upload vulnerability in the parserXML() method of JeeWMS before v2025.01.01...
High | Unreviewed | CVE-2024-57761 was published Jan 15, 2025
Multiple endpoints in GestioIP v3.5.7 are vulnerable to Cross-Site Request Forgery (CSRF). An...
High | Unreviewed | CVE-2024-50858 was published Jan 15, 2025
Rancher UI has Stored Cross-site Scripting vulnerability
High | CVE-2024-52281 was published for github.com/rancher/rancher (Go) Jan 14, 2025
Animate versions 24.0.6, 23.0.9 and earlier are affected by an Integer Underflow (Wrap or...
High | Unreviewed | CVE-2025-21135 was published Jan 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write...
High | Unreviewed | CVE-2025-21136 was published Jan 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow...
High | Unreviewed | CVE-2025-21137 was published Jan 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by an out-of-bounds write...
High | Unreviewed | CVE-2025-21138 was published Jan 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow...
High | Unreviewed | CVE-2025-21139 was published Jan 14, 2025
Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery (SSRF) allowing for...
High | Unreviewed | CVE-2025-0474 was published Jan 14, 2025
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Integer Underflow (Wrap or...
High | Unreviewed | CVE-2025-21122 was published Jan 14, 2025
Photoshop Desktop versions 25.12, 26.1 and earlier are affected by an Uncontrolled Search Path...
High | Unreviewed | CVE-2025-21127 was published Jan 14, 2025
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write...
High | Unreviewed | CVE-2025-21130 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API.