Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

24,433 advisories

Loading
SQL injection vulnerability in TeamCal Neo, version 3.8.2. This could allow an attacker to... Critical Unreviewed
CVE-2025-0929 was published Jan 31, 2025
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Critical Unreviewed
CVE-2025-0493 was published Jan 31, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... Critical Unreviewed
CVE-2024-47891 was published Jan 31, 2025
Affected products contain a vulnerability in the device cloud rpc command handling process that... Critical Unreviewed
CVE-2025-0680 was published Jan 30, 2025
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially... Critical Unreviewed
CVE-2025-24503 was published Jan 30, 2025
The affected product is vulnerable to an out-of-bounds write, which could allow an attacker to... Critical Unreviewed
CVE-2024-12248 was published Jan 30, 2025
An encryption vulnerability exists in all versions prior to V15.00.001 of Rockwell Automation... Critical Unreviewed
CVE-2025-0477 was published Jan 30, 2025
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches Critical
GHSA-vpxm-cr3r-pjp9 was published for org.openmrs.module:addresshierarchy (Maven) Jan 30, 2025
slubwama mseaton
The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object... Critical Unreviewed
CVE-2024-13742 was published Jan 30, 2025
The Media Manager for UserPro plugin for WordPress is vulnerable to unauthorized modification of... Critical Unreviewed
CVE-2024-12822 was published Jan 30, 2025
Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to... Critical Unreviewed
CVE-2025-21415 was published Jan 30, 2025
Password Vulnerability in Safety production process management system v1.0 allows a remote... Critical Unreviewed
CVE-2024-57395 was published Jan 30, 2025
Deep Java Library path traversal issue Critical
CVE-2025-0851 was published for ai.djl:api (Maven) Jan 29, 2025
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email... Critical Unreviewed
CVE-2025-20061 was published Jan 29, 2025
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version... Critical Unreviewed
CVE-2025-20014 was published Jan 29, 2025
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as... Critical Unreviewed
CVE-2025-0798 was published Jan 29, 2025
A Remote Code Execution Vulnerability exists in the product and version listed above. The... Critical Unreviewed
CVE-2025-24480 was published Jan 28, 2025
ismp-grandpa crate accepted incorrect signatures Critical
CVE-2025-24800 was published for grandpa-verifier (Rust) Jan 28, 2025
The ThemeREX Addons plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2024-13448 was published Jan 28, 2025
Buffer overflow in CPCA font download processing of Small Office Multifunction Printers and Laser... Critical Unreviewed
CVE-2024-12647 was published Jan 28, 2025
Buffer overflow in XPS data font processing of Small Office Multifunction Printers and Laser... Critical Unreviewed
CVE-2024-12649 was published Jan 28, 2025
Buffer overflow in TIFF data EXIF tag processing of Small Office Multifunction Printers and Laser... Critical Unreviewed
CVE-2024-12648 was published Jan 28, 2025
Due to reliance on a trivial substitution cipher, sent in cleartext, and the reliance on a... Critical Unreviewed
CVE-2022-3365 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sonoma... Critical Unreviewed
CVE-2025-24163 was published Jan 28, 2025
This issue was addressed through improved state management. This issue is fixed in visionOS 2.3,... Critical Unreviewed
CVE-2025-24162 was published Jan 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database