Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

263,701 advisories

Loading
HortusFox v3.9 contains a stored XSS vulnerability in the "Add Plant" function. The name input... Moderate Unreviewed
CVE-2024-57329 was published Jan 24, 2025
A DLL hijacking vulnerability in iTop VPN v16.0 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2024-53588 was published Jan 24, 2025
A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The... Critical Unreviewed
CVE-2024-57328 was published Jan 24, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow... Unknown Unreviewed
CVE-2024-50698 was published Jan 25, 2025
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when decrypting MQTT messages, the code... Unknown Unreviewed
CVE-2024-50697 was published Jan 25, 2025
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21262 was published Jan 25, 2025
Cross Site Scripting vulnerability in Wallos v.2.41.0 allows a remote attacker to execute... Moderate Unreviewed
CVE-2024-57386 was published Jan 24, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains a hardcoded password that can be... Unknown Unreviewed
CVE-2024-50690 was published Jan 25, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions contains hardcoded MQTT credentials that... Unknown Unreviewed
CVE-2024-50692 was published Jan 25, 2025
In SunGrow WiNet-SV200.001.00.P027 and earlier versions, when copying the timestamp read from an... Unknown Unreviewed
CVE-2024-50694 was published Jan 25, 2025
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to stack-based buffer overflow... Unknown Unreviewed
CVE-2024-50695 was published Jan 25, 2025
Cross Site Scripting vulnerability in store2 Moderate
CVE-2024-57556 was published for store2 (npm) Jan 24, 2025
Apache Tomcat - Authentication Bypass Critical
CVE-2024-52316 was published for org.apache.tomcat:tomcat-catalina (Maven) Nov 18, 2024
Apache Tomcat Request and/or response mix-up Moderate
CVE-2024-52317 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Nov 18, 2024
Unpatched `path-to-regexp` ReDoS in 0.1.x High
CVE-2024-52798 was published for path-to-regexp (npm) Dec 5, 2024
blakeembrey ctcpip
XXE vulnerability in XSLT parsing in `org.hl7.fhir.publisher` High
CVE-2024-52807 was published for org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli (Maven) Jan 24, 2025
dotasek
HL7 FHIR IG Publisher potentially exposes GitHub repo user and credential information Moderate
CVE-2025-24363 was published for org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli (Maven) Jan 24, 2025
KWHotel 0.47 is vulnerable to CSV Formula Injection in the add guest function. Moderate Unreviewed
CVE-2023-46400 was published Jan 24, 2025
An issue was discovered in Centreon centreon-web 24.10.x before 24.10.3, 24.04.x before 24.04.9,... Critical Unreviewed
CVE-2024-55573 was published Jan 24, 2025
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-20708 was published May 16, 2023
Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a Plaintext Storage of a Password... High Unreviewed
CVE-2025-21102 was published Jan 8, 2025
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could... Moderate Unreviewed
CVE-2023-20709 was published May 16, 2023
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2023-20704 was published May 16, 2023
A stack overflow in the sctp_server::sctp_receiver_thread component of OpenAirInterface CN5G AMF ... High Unreviewed
CVE-2024-24451 was published Jan 22, 2025
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to... Moderate Unreviewed
CVE-2023-20707 was published May 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database