GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
122,628 advisories
A vulnerability classified as critical has been found in CampCodes School Management Software 1.0...
Moderate
Unreviewed
CVE-2025-0849
was published
Jan 30, 2025
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2025-0847
was published
Jan 30, 2025
A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2025-0846
was published
Jan 30, 2025
A vulnerability was found in needyamin Library Card System 1.0. It has been declared as...
Moderate
Unreviewed
CVE-2025-0844
was published
Jan 30, 2025
A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This...
Moderate
Unreviewed
CVE-2025-0842
was published
Jan 30, 2025
A vulnerability was found in needyamin Library Card System 1.0. It has been classified as...
Moderate
Unreviewed
CVE-2025-0843
was published
Jan 30, 2025
fast-float has a segmentation fault due to lack of bound check
Moderate
GHSA-8655-xgh5-5vvq
was published
for
fast-float
(Rust)
Jan 29, 2025
fast-float2 has a segmentation fault due to lack of bound check
Moderate
GHSA-jqcp-xc3v-f446
was published
for
fast-float2
(Rust)
Jan 29, 2025
A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as...
Moderate
Unreviewed
CVE-2025-0841
was published
Jan 29, 2025
A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This...
Moderate
Unreviewed
CVE-2025-0840
was published
Jan 29, 2025
Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some...
Moderate
Unreviewed
CVE-2024-48852
was published
Jan 29, 2025
Snowflake.Data has weak temporary files permissions
Moderate
CVE-2025-24788
was published
for
Snowflake.Data
(NuGet)
Jan 29, 2025
snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache
Moderate
CVE-2025-24794
was published
for
snowflake-connector-python
(pip)
Jan 29, 2025
snowflake-connector-python vulnerable to insecure cache files permissions
Moderate
CVE-2025-24795
was published
for
snowflake-connector-python
(pip)
Jan 29, 2025
kube-audit-rest's example logging configuration could disclose secret values in the audit log
Moderate
CVE-2025-24884
was published
for
github.com/RichardoC/kube-audit-rest
(Go)
Jan 29, 2025
github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read
Moderate
GHSA-29qp-crvh-w22m
was published
for
github.com/hashicorp/yamux
(Go)
Jan 29, 2025
snowflake-sdk may incorrectly validate temporary credential cache file permissions
Moderate
CVE-2025-24791
was published
for
snowflake-sdk
(npm)
Jan 29, 2025
Snowflake JDBC uses insecure temporary credential cache file permissions
Moderate
CVE-2025-24790
was published
for
net.snowflake:snowflake-jdbc
(Maven)
Jan 29, 2025
Twig security issue where escaping was missing when using null coalesce operator
Moderate
CVE-2025-24374
was published
for
twig/twig
(Composer)
Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 could allow a privileged user to make system changes...
Moderate
Unreviewed
CVE-2023-37412
was published
Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an...
Moderate
Unreviewed
CVE-2023-37413
was published
Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords...
Moderate
Unreviewed
CVE-2023-37398
was published
Jan 29, 2025
IBM Aspera Faspex 5.0.0 through 5.0.10 does not require that users should have strong passwords...
Moderate
Unreviewed
CVE-2023-35907
was published
Jan 29, 2025
RuoYi vulnerable to Denial of Service by attackers with admin privileges
Moderate
CVE-2024-57439
was published
for
com.ruoyi:ruoyi
(Maven)
Jan 29, 2025
RuoYi has insecure permissions
Moderate
CVE-2024-57438
was published
for
com.ruoyi:ruoyi
(Maven)
Jan 29, 2025
ProTip! Advisories are also available from the GraphQL API.