Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

10,879 advisories

Loading
Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying High
CVE-2024-27894 was published for org.apache.pulsar:pulsar-functions-worker (Maven) Mar 12, 2024
oscerd
Local file inclusion in gradio High
CVE-2024-4941 was published for gradio (pip) Jun 6, 2024
vyper performs incorrect topic logging in raw_log Moderate
CVE-2024-32645 was published for vyper (pip) Apr 25, 2024
chen-robert
vyper performs double eval of the slice start/length args in certain cases Moderate
CVE-2024-32646 was published for vyper (pip) Apr 25, 2024
cyberthirst
Concrete CMS Stored XSS in getAttributeSetName Moderate
CVE-2024-7394 was published for concrete5/concrete5 (Composer) Aug 8, 2024
src/sdp.c in bluez-libs 3.30 in BlueZ, and other bluez-libs before 3.34 and bluez-utils before 3... High Unreviewed
CVE-2008-2374 was published May 1, 2022
** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly... Moderate Unreviewed
CVE-2013-3735 was published May 17, 2022
Memory corruption when the channel ID passed by user is not validated and further used. High Unreviewed
CVE-2024-21476 was published May 6, 2024
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length Moderate
CVE-2025-23041 was published for Umbraco.Forms (NuGet) Jan 14, 2025
RGV2ZWxvcGVy
Windows Virtual Trusted Platform Module Denial of Service Vulnerability Moderate Unreviewed
CVE-2025-21280 was published Jan 14, 2025
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21370 was published Jan 14, 2025
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21344 was published Jan 14, 2025
Windows Virtual Trusted Platform Module Denial of Service Vulnerability Moderate Unreviewed
CVE-2025-21284 was published Jan 14, 2025
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21234 was published Jan 14, 2025
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21235 was published Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21230 was published Jan 14, 2025
A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2025-0465 was published Jan 14, 2025
keep-module-latest vulnerable to Command Injection due to missing input sanitization High
CVE-2023-26128 was published for keep-module-latest (npm) May 27, 2023
Memory corruption while redirecting log file to any file location with any file name. Critical Unreviewed
CVE-2024-21473 was published Apr 1, 2024
An issue in alanclarke URLite v.3.1.0 allows an attacker to cause a denial of service (DoS) via a... High Unreviewed
CVE-2023-51931 was published Feb 16, 2024
HCL MyXalytics is affected by a weak input validation vulnerability. The application accepts... Low Unreviewed
CVE-2024-42175 was published Jan 11, 2025
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-13136 was published Jan 5, 2025
Memory corruption in Core Services while executing the command for removing a single event listener. Critical Unreviewed
CVE-2023-28578 was published Mar 4, 2024
The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will... Moderate Unreviewed
CVE-2024-39281 was published Nov 12, 2024
An issue was discovered in Joomla! 4.2.0 through 4.3.1. Lack of input validation caused an open... Moderate Unreviewed
CVE-2023-23754 was published May 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database