Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,638
Erlang
34
GitHub Actions
26
Go
2,249
Maven
5,000+
npm
3,903
NuGet
702
pip
3,671
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,832 advisories

Loading
IBM Maximo Asset Management 7.6.1.3 is vulnerable to server-side request forgery (SSRF). This may... Low Unreviewed
CVE-2025-2987 was published Apr 22, 2025
Nokogiri updates packaged libxml2 to v2.13.8 to resolve CVE-2025-32414 and CVE-2025-32415 Low
GHSA-5w6v-399v-w3cc was published for nokogiri (RubyGems) Apr 21, 2025
Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager. Low Unreviewed
CVE-2025-2517 was published Apr 21, 2025
OpenCMS Cross-Site Scripting vulnerability Low
CVE-2024-42699 was published for org.opencms:opencms-core (Maven) Apr 21, 2025
Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a... Low Unreviewed
CVE-2025-43916 was published Apr 21, 2025
An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA... Low Unreviewed
CVE-2025-3840 was published Apr 21, 2025
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image... Low Unreviewed
CVE-2025-43967 was published Apr 21, 2025
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. Low Unreviewed
CVE-2025-43966 was published Apr 21, 2025
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer... Low Unreviewed
CVE-2025-43963 was published Apr 21, 2025
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads... Low Unreviewed
CVE-2025-43962 was published Apr 21, 2025
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag... Low Unreviewed
CVE-2025-43961 was published Apr 21, 2025
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp... Low Unreviewed
CVE-2025-43964 was published Apr 21, 2025
TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs. Low Unreviewed
CVE-2025-43955 was published Apr 20, 2025
cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b":... Low Unreviewed
CVE-2023-26819 was published Apr 20, 2025
mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain... Low Unreviewed
CVE-2023-30421 was published Apr 20, 2025
7-Zip through 24.09 does not report an error for certain invalid xz files, involving stream flags... Low Unreviewed
CVE-2022-47112 was published Apr 19, 2025
7-Zip through 24.09 does not report an error for certain invalid xz files, involving block flags... Low Unreviewed
CVE-2022-47111 was published Apr 19, 2025
An issue in Macro-video Technologies Co.,Ltd V380 Pro android application 2.1.44 and V380 Pro... Low Unreviewed
CVE-2025-25983 was published Apr 18, 2025
An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302... Low Unreviewed
CVE-2025-25985 was published Apr 18, 2025
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated... Low Unreviewed
CVE-2024-42178 was published Apr 18, 2025
HCL MyXalytics is affected by SSL∕TLS Protocol affected with BREACH & LUCKY13 vulnerabilities.... Low Unreviewed
CVE-2024-42177 was published Apr 17, 2025
DragonflyDB Dragonfly through 1.28.2 allows authenticated users to cause a denial of service ... Low Unreviewed
CVE-2025-26269 was published Apr 17, 2025
DragonflyDB Dragonfly before 1.27.0 allows authenticated users to cause a denial of service ... Low Unreviewed
CVE-2025-26268 was published Apr 17, 2025
In the Linux kernel, the following vulnerability has been resolved: can: etas_es58x:... Low Unreviewed
CVE-2021-47671 was published Apr 17, 2025
In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has... Low Unreviewed
CVE-2025-32415 was published Apr 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database