Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

79 advisories

Loading
An improper neutralization of special elements in output used by a downstream component (... Moderate Unreviewed
CVE-2024-33510 was published Nov 12, 2024
vantage6-server node accepts non-whitelisted algorithms from malicious server High
CVE-2023-47631 was published for vantage6-node (pip) Nov 14, 2023
The Client secret is not checked when using the OAuth Password grant type. By exploiting this... Low Unreviewed
CVE-2024-12056 was published Dec 4, 2024
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed
CVE-2024-40650 was published Sep 11, 2024
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote... Critical Unreviewed
CVE-2024-3845 was published Apr 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote... High Unreviewed
CVE-2024-2174 was published Mar 6, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6773 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6772 was published Jul 17, 2024
udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP... Critical Unreviewed
CVE-2016-10229 was published May 17, 2022
Spring Framework allows applications to expose STOMP over WebSocket endpoints Critical
CVE-2018-1270 was published for org.springframework:spring-messaging (Maven) Oct 17, 2018
Spring Framework has Improperly Implemented Security Check for Standard Critical
CVE-2018-1275 was published for org.springframework:spring-messaging (Maven) Oct 17, 2018
sunSUNQ MarkLee131
Credited to sunSUNQ and MarkLee131
Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed
CVE-2025-21267 was published Feb 7, 2025
FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6... Moderate Unreviewed
CVE-2020-9295 was published Mar 17, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a... High Unreviewed
CVE-2025-3069 was published Apr 2, 2025
Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss... Moderate Unreviewed
CVE-2021-26328 was published Jan 11, 2023
A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus... Moderate Unreviewed
CVE-2017-6032 was published May 13, 2022
SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which... High Unreviewed
CVE-2022-38732 was published Sep 30, 2022
SpiceDB checks involving relations with caveats can result in no permission when permission is expected Low
CVE-2025-49011 was published for github.com/authzed/spicedb (Go) Jun 6, 2025
miparnisari
Credited to miparnisari
An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version... Moderate Unreviewed
CVE-2024-55599 was published Jul 8, 2025
A stack-based buffer overflow vulnerability (CWE-121) in the profile parser of FortiSandbox... Moderate Unreviewed
CVE-2021-26105 was published Mar 24, 2025
A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179.... Low Unreviewed
CVE-2025-8204 was published Jul 26, 2025
A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed
CVE-2021-42017 was published Mar 9, 2022
Improperly implemented security check for standard in the DDRIO configuration for some Intel(R)... Moderate Unreviewed
CVE-2025-32086 was published Aug 12, 2025
Java: DoS Vulnerability in JSON-JAVA High
CVE-2023-5072 was published for org.json:json (Maven) Nov 14, 2023
eamonnmcmanus
Credited to eamonnmcmanus
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43262 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database