Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

916 advisories

Loading
A vulnerability, which was classified as problematic, has been found in HDF5 1.14.6. This issue... Moderate Unreviewed
CVE-2025-6817 was published Jun 28, 2025
A vulnerability was found in CodeMirror up to 5.17.0 and classified as problematic. Affected by... Moderate Unreviewed
CVE-2025-6493 was published Jun 23, 2025
A vulnerability has been found in MarkText up to 0.17.1 and classified as problematic. Affected... Moderate Unreviewed
CVE-2025-6492 was published Jun 22, 2025
A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d1020af432be1b417b28686736 and... Moderate Unreviewed
CVE-2025-6365 was published Jun 20, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported... Moderate Unreviewed
CVE-2024-20985 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20961 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed
CVE-2024-20981 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2024-20983 was published Jan 17, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20965 was published Jan 17, 2024
A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic... Moderate Unreviewed
CVE-2025-6274 was published Jun 19, 2025
An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the... Moderate Unreviewed
CVE-2023-49557 was published Jan 3, 2024
An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the... Moderate Unreviewed
CVE-2023-49555 was published Jan 3, 2024
A vulnerability, which was classified as problematic, was found in spdlog up to 1.15.1. This... Moderate Unreviewed
CVE-2025-6140 was published Jun 17, 2025
The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An... Moderate Unreviewed
CVE-2023-42941 was published Jan 11, 2024
A vulnerability, which was classified as problematic, has been found in RocketChat up to 7.6.1.... Moderate Unreviewed
CVE-2025-5892 was published Jun 9, 2025
A vulnerability was found in Metabase 54.10. It has been classified as problematic. This affects... Moderate Unreviewed
CVE-2025-5895 was published Jun 9, 2025
A vulnerability classified as problematic has been found in actions toolkit 0.5.0. This affects... Moderate Unreviewed
CVE-2025-5890 was published Jun 9, 2025
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged... Moderate Unreviewed
CVE-2023-34969 was published Jun 8, 2023
Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability. Moderate Unreviewed
CVE-2022-34701 was published Aug 10, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2024-20971 was published Jan 17, 2024
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core)... Moderate Unreviewed
CVE-2024-20959 was published Jan 17, 2024
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation... Moderate Unreviewed
CVE-2024-22164 was published Jan 9, 2024
In Expat (aka libexpat) before 2.4.5, an attacker can trigger stack exhaustion in build_model via... Moderate Unreviewed
CVE-2022-25313 was published Feb 19, 2022
An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service ... Moderate Unreviewed
CVE-2024-53423 was published May 29, 2025
Azure Site Recovery Denial of Service Vulnerability. Moderate Unreviewed
CVE-2022-35776 was published Aug 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database