GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 41
Go: 3,026
Maven: 5,000+
npm: 4,763
NuGet: 824
pip: 4,366
Pub: 12
RubyGems: 987
Rust: 1,143
Swift: 50
Unreviewed advisories
All unreviewed: 5,000+
13 advisories
A vulnerability in the input protection mechanisms of Cisco Firepower Management Center (FMC)...
Moderate | Unreviewed | CVE-2022-20744 was published May 4, 2022
A reliance on untrusted inputs in a security decision could be exploited by a privileged user to...
Moderate | Unreviewed | CVE-2023-46686 was published Dec 19, 2023
A flaw in the TETRA authentication procedure allows a MITM adversary that can predict the MS...
Moderate | Unreviewed | CVE-2022-24400 was published Oct 19, 2023
Malicious package may avoid detection in python auditing
Moderate | CVE-2020-5252 was published for safety (pip) Mar 24, 2020
Sinatra vulnerable to Reliance on Untrusted Inputs in a Security Decision
Moderate | CVE-2024-21510 was published for sinatra (RubyGems) Nov 1, 2024
IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to...
Moderate | Unreviewed | CVE-2024-45654 was published Jan 19, 2025
By utilizing software-defined radios and a custom low-latency processing pipeline, RF signals...
Moderate | Unreviewed | CVE-2024-9310 was published Jan 22, 2025
Duplicate Advisory: Picklescan Allows Remote Code Execution via Malicious Pickle File Bypassing Static Analysis
Moderate | GHSA-hw34-rqc5-h2gm was published for picklescan (pip) Mar 3, 2025 | withdrawn
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to...
Moderate | Unreviewed | CVE-2017-0887 was published May 13, 2022
github.com/gorilla/csrf improperly validates TrustedOrigins allowing CSRF attacks
Moderate | CVE-2025-47909 was published for github.com/gorilla/csrf (Go) Aug 29, 2025
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data...
Moderate | Unreviewed | CVE-2024-47254 was published Nov 5, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all...
Moderate | Unreviewed | CVE-2025-11271 was published Nov 6, 2025
Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value of the X-Forwarded-For (XFF)...
Moderate | Unreviewed | CVE-2025-65328 was published Jan 5, 2026
ProTip! Advisories are also available from the GraphQL API