Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to,... Moderate Unreviewed
CVE-2024-9104 was published Oct 16, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could... High Unreviewed
CVE-2023-34348 was published Jan 18, 2024
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-10781 was published Nov 26, 2024
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue... Moderate Unreviewed
CVE-2024-55548 was published Dec 10, 2024
notation-go has an OS error when setting CRL cache leads to denial of signature verification Low
CVE-2024-51491 was published for github.com/notaryproject/notation-go (Go) Jan 13, 2025
Faeris95 JeyJeyGao
shizhMSFT
Lodestar snappy decompression issue Low
GHSA-53rv-hcvm-rpp9 was published for @lodestar/reqresp (npm) Jan 14, 2025
gln7
Vyper Does Not Check the Success of Certain Precompile Calls Low
CVE-2025-21607 was published for vyper (pip) Jan 14, 2025
ritzdorf vasinicola
trocher
CometBFT allows a malicious peer to make node stuck in blocksync Moderate
CVE-2025-24371 was published for github.com/cometbft/cometbft (Go) Feb 3, 2025
unknownfeature
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the... Moderate Unreviewed
CVE-2023-21036 was published Mar 24, 2023
In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable... Moderate Unreviewed
CVE-2023-21026 was published Mar 24, 2023
ntpd NTS client denial of service via wrongly sized cookies Moderate
GHSA-v83q-83hj-rw38 was published for ntpd (Rust) Feb 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database