Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,426
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,670
Pub
13
RubyGems
1,029
Rust
1,212
Swift
53
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
A vulnerability that allows an attacker to access the NTLM hash of the Veeam Reporter Service... Critical Unreviewed
CVE-2024-42019 was published Sep 7, 2024
An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the... Critical Unreviewed
CVE-2024-27113 was published Sep 11, 2024
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Critical Unreviewed
CVE-2024-8884 was published Oct 8, 2024
The CE21 Suite plugin for WordPress is vulnerable to sensitive information disclosure via the... Critical Unreviewed
CVE-2024-10285 was published Nov 9, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3502 was published Nov 14, 2024
In lunary-ai/lunary versions up to and including 1.2.5, an information disclosure vulnerability... Critical Unreviewed
CVE-2024-3501 was published Nov 14, 2024
http4k has a potential XXE (XML External Entity Injection) vulnerability Critical
CVE-2024-55875 was published for org.http4k:http4k-format-xml (Maven) Dec 12, 2024
JAckLosingHeart Credited to JAckLosingHeart
An issue was identified in Fleet Server where Fleet policies that could contain sensitive... Critical Unreviewed
CVE-2024-52975 was published Jan 23, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Sequoia... Critical Unreviewed
CVE-2025-24102 was published Jan 28, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Critical Unreviewed
CVE-2025-24146 was published Jan 28, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24109 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24174 was published Jan 28, 2025
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext Critical
CVE-2025-23215 was published for net.sourceforge.pmd:pmd-core (Maven) Jan 31, 2025
hboutemy Credited to hboutemy and yusuke-koyoshi yusuke-koyoshi yusuke-koyoshi
Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string) Critical
GHSA-vjh7-7g9h-fjfh was published for elliptic (npm) Feb 12, 2025
ChALkeR Credited to ChALkeR and jprichardson jprichardson jprichardson
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27675 was published Mar 5, 2025
The issue was addressed with improved handling of protocols. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2024-40864 was published Apr 1, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app... Critical Unreviewed
CVE-2025-24204 was published Apr 1, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24232 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-24242 was published Apr 1, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24239 was published Apr 1, 2025
An injection issue was addressed with improved validation. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24246 was published Apr 1, 2025
This issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24250 was published Apr 1, 2025
A privacy issue was addressed by moving sensitive data to a protected location. This issue is... Critical Unreviewed
CVE-2025-24263 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24253 was published Apr 1, 2025
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24278 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database