GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,815 advisories
Shopware default newsletter opt-in settings allow for mass sign-up abuse
Low | CVE-2025-32378 was published for shopware/core (Composer) | Apr 9, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are...
Low | Unreviewed | CVE-2025-27192 was published | Apr 8, 2025
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This...
Low | Unreviewed | CVE-2025-3416 was published | Apr 8, 2025
Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an...
Low | Unreviewed | CVE-2025-27443 was published | Apr 8, 2025
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79]...
Low | Unreviewed | CVE-2025-22855 was published | Apr 8, 2025
An improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in...
Low | Unreviewed | CVE-2024-50565 was published | Apr 8, 2025
A storing passwords in a recoverable format in Fortinet FortiOS versions 7.2.0 through 7.2.1...
Low | Unreviewed | CVE-2024-32122 was published | Apr 8, 2025
Pimcore's Admin Classic Bundle allows HTML Injection
Low | CVE-2025-30166 was published for pimcore/admin-ui-classic-bundle (Composer) | Apr 8, 2025
Tokio broadcast channel calls clone in parallel, but does not require `Sync`
Low | GHSA-rr8g-9fpq-6wmg was published for tokio (Rust) | Apr 7, 2025
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long...
Low | Unreviewed | CVE-2025-3360 was published | Apr 7, 2025
Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to...
Low | Unreviewed | CVE-2025-27686 was published | Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-22842 was published | Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-24304 was published | Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through missing release...
Low | Unreviewed | CVE-2025-25057 was published | Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through missing release...
Low | Unreviewed | CVE-2025-27534 was published | Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-22452 was published | Apr 7, 2025
A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3...
Low | Unreviewed | CVE-2025-3329 was published | Apr 7, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-20102 was published | Apr 7, 2025
In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR...
Low | Unreviewed | CVE-2025-32366 was published | Apr 7, 2025
HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user...
Low | Unreviewed | CVE-2024-42208 was published | Apr 4, 2025
React Draft Wysiwyg Cross-Site Scripting (XSS) via the Embedded Button
Low | CVE-2025-3191 was published for react-draft-wysiwyg (npm) | Apr 4, 2025
A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability...
Low | Unreviewed | CVE-2025-3177 was published | Apr 3, 2025
A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by...
Low | Unreviewed | CVE-2025-3169 was published | Apr 3, 2025
In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file
Low | Unreviewed | CVE-2025-32054 was published | Apr 3, 2025
Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol...
Low | Unreviewed | CVE-2025-29991 was published | Apr 3, 2025
ProTip! Advisories are also available from the GraphQL API