GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
107,224 advisories
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Privilege...
High, Unreviewed. CVE-2025-3876 was published May 10, 2025

The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for...
High, Unreviewed. CVE-2025-2158 was published May 10, 2025

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1...
High, Unreviewed. CVE-2025-4496 was published May 10, 2025

A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0...
High, Unreviewed. CVE-2025-3224 was published Apr 28, 2025

IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated...
High, Unreviewed. CVE-2025-1137 was published May 10, 2025

A vulnerability within the Software Updater functionality of Avira Security for Windows allowed...
High, Unreviewed. CVE-2022-3368 was published Oct 18, 2022

Retool (self-hosted) before 3.196.0 allows Host header injection. When the BASE_DOMAIN...
High, Unreviewed. CVE-2025-47424 was published May 10, 2025

code-server's session cookie can be extracted by having user visit specially crafted proxy URL
High. CVE-2025-47269 was published for code-server (npm) May 9, 2025

Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
High, Unreviewed. CVE-2025-21469 was published May 6, 2025

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the...
High, Unreviewed. CVE-2025-21460 was published May 6, 2025

Transient DOS while parsing per STA profile in ML IE.
High, Unreviewed. CVE-2025-21459 was published May 6, 2025

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result...
High, Unreviewed. CVE-2021-28831 was published May 24, 2022

socket.c in GNU Screen through 4.9.0, when installed setuid or setgid (the default on platforms...
High, Unreviewed. CVE-2023-24626 was published Apr 8, 2023

Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe...
High, Unreviewed. CVE-2022-33185 was published Oct 26, 2022

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via...
High, Unreviewed. CVE-2022-3725 was published Oct 27, 2022

Memory corruption during the FRS UDS generation process.
High, Unreviewed. CVE-2024-49845 was published May 6, 2025

Memory corruption while decoding of OTA messages from T3448 IE.
High, Unreviewed. CVE-2024-49846 was published May 6, 2025

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump...
High, Unreviewed. CVE-2024-45577 was published May 6, 2025

Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver...
High, Unreviewed. CVE-2024-45579 was published May 6, 2025

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.
High, Unreviewed. CVE-2025-21475 was published May 6, 2025

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4...
High, Unreviewed. CVE-2015-0240 was published May 14, 2022

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
High, Unreviewed. CVE-2025-21470 was published May 6, 2025

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key...
High, Unreviewed. CVE-2024-49847 was published May 6, 2025

In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer...
High, Unreviewed. CVE-2025-4447 was published May 9, 2025

The SimpleSAMLphp SAML2 library incorrectly verifies signatures for HTTP-Redirect binding
High. CVE-2025-27773 was published for simplesamlphp/saml2 (Composer) Mar 11, 2025