GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 22
Go: 2,095
Maven: 5,000+
npm: 3,760
NuGet: 678
pip: 3,446
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+

4,884 advisories

The command ctl_persistent_reserve_out allows the caller to specify an arbitrary size which will...
Moderate | Unreviewed | CVE-2024-39281 was published Nov 12, 2024

A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by...
Moderate | Unreviewed | CVE-2024-13136 was published Jan 5, 2025

A vulnerability was found in AquilaCMS 1.412.13. It has been rated as critical. Affected by this...
Moderate | Unreviewed | CVE-2025-0465 was published Jan 14, 2025

Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Moderate | Unreviewed | CVE-2025-21284 was published Jan 14, 2025

Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Moderate | Unreviewed | CVE-2025-21280 was published Jan 14, 2025

Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
Moderate | CVE-2025-23041 was published for Umbraco.Forms (NuGet) Jan 14, 2025

A log spoofing flaw was found in the Tuned package due to improper sanitization of some API...
Moderate | Unreviewed | CVE-2024-52337 was published Nov 26, 2024

** DISPUTED ** The Zend Engine in PHP before 5.4.16 RC1, and 5.5.0 before RC2, does not properly...
Moderate | Unreviewed | CVE-2013-3735 was published May 17, 2022

Concrete CMS Stored XSS in getAttributeSetName
Moderate | CVE-2024-7394 was published for concrete5/concrete5 (Composer) Aug 8, 2024

vyper performs double eval of the slice start/length args in certain cases
Moderate | CVE-2024-32646 was published for vyper (pip) Apr 25, 2024

vyper performs incorrect topic logging in raw_log
Moderate | CVE-2024-32645 was published for vyper (pip) Apr 25, 2024

** DISPUTED ** Varnish 2.0.6 writes data to a log file without sanitizing non-printable...
Moderate | Unreviewed | CVE-2009-4488 was published May 2, 2022

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold and SP1,...
Moderate | Unreviewed | CVE-2009-2516 was published May 2, 2022

File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The...
Moderate | Unreviewed | CVE-2024-3488 was published May 15, 2024

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3,...
Moderate | Unreviewed | CVE-2010-0485 was published May 2, 2022

Concrete CMS vulnerable to Stored Cross-site Scripting
Moderate | CVE-2024-4353 was published for concrete5/concrete5 (Composer) Aug 1, 2024

Concrete CMS Stored Cross-site Scripting vulnerability
Moderate | CVE-2024-4350 was published for concrete5/concrete5 (Composer) Aug 12, 2024

Stored XSS vulnerability in Edit Service Page of Apache Ranger UI in Apache Ranger Version 2.4.0....
Moderate | Unreviewed | CVE-2024-45478 was published Jan 22, 2025

An Improper Input Validation vulnerability in Juniper Tunnel Driver (jtd) and ICMP module of...
Moderate | Unreviewed | CVE-2024-21590 was published Apr 12, 2024

An unauthenticated remote attacker can upload an arbitrary script file due to improper input...
Moderate | Unreviewed | CVE-2024-25994 was published Mar 12, 2024

An unauthenticated remote attacker can read memory out of bounds due to improper input validation...
Moderate | Unreviewed | CVE-2024-26000 was published Mar 12, 2024

Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
Moderate | CVE-2024-10846 was published for github.com/compose-spec/compose-go/v2 (Go) Jan 21, 2025

In pqframework, there is a possible out of bounds read due to a missing bounds check. This could...
Moderate | Unreviewed | CVE-2023-20720 was published May 16, 2023

In isp, there is a possible out of bounds write due to improper input validation. This could lead...
Moderate | Unreviewed | CVE-2023-20721 was published May 16, 2023

ProTip! Advisories are also available from the GraphQL API