GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,474
Erlang
33
GitHub Actions
24
Go
2,198
Maven
5,000+
npm
3,843
NuGet
696
pip
3,632
Pub
12
RubyGems
911
Rust
912
Swift
38
Unreviewed advisories
All unreviewed
5,000+
63 advisories
Filter by severity
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in all versions up to,...
Moderate
Unreviewed
CVE-2024-9104
was published
Oct 16, 2024
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could...
High
Unreviewed
CVE-2023-34348
was published
Jan 18, 2024
The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-10781
was published
Nov 26, 2024
Improper check of password character lenght in ORing IAP-420 allows a forced deadlock. This issue...
Moderate
Unreviewed
CVE-2024-55548
was published
Dec 10, 2024
notation-go has an OS error when setting CRL cache leads to denial of signature verification
Low
CVE-2024-51491
was published
for
github.com/notaryproject/notation-go
(Go)
Jan 13, 2025
Lodestar snappy decompression issue
Low
GHSA-53rv-hcvm-rpp9
was published
for
@lodestar/reqresp
(npm)
Jan 14, 2025
Vyper Does Not Check the Success of Certain Precompile Calls
Low
CVE-2025-21607
was published
for
vyper
(pip)
Jan 14, 2025
CometBFT allows a malicious peer to make node stuck in blocksync
Moderate
CVE-2025-24371
was published
for
github.com/cometbft/cometbft
(Go)
Feb 3, 2025
In BitmapExport.java, there is a possible failure to truncate images due to a logic error in the...
Moderate
Unreviewed
CVE-2023-21036
was published
Mar 24, 2023
In updateInputChannel of WindowManagerService.java, there is a possible way to set a touchable...
Moderate
Unreviewed
CVE-2023-21026
was published
Mar 24, 2023
printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does...
Moderate
Unreviewed
CVE-2024-25741
was published
Feb 12, 2024
ntpd NTS client denial of service via wrongly sized cookies
Moderate
GHSA-v83q-83hj-rw38
was published
for
ntpd
(Rust)
Feb 28, 2025
The XINJE XL5E-16T and XD5E-24R-E programmable logic controllers V3.5.3b-V3.7.2a have a...
High
Unreviewed
CVE-2024-50954
was published
Jan 15, 2025
ProTip!
Advisories are also available from the
GraphQL API