GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11,801 advisories
In wxWidgets before 3.2.7, a crash can be triggered in wxWidgets apps when connections are...
Low | Unreviewed | CVE-2024-58249 was published Apr 16, 2025

nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race...
Low | Unreviewed | CVE-2024-58248 was published Apr 16, 2025

Mattermost doesn't restrict domains LLM can request to contact upstream
Low | CVE-2025-31363 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025

Mattermost Incorrect Authorization vulnerability
Low | CVE-2025-24839 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025

Mattermost Missing Authentication for Critical Function
Low | CVE-2025-27538 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025

Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite ...
Low | Unreviewed | CVE-2025-30731 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported...
Low | Unreviewed | CVE-2025-30703 was published Apr 15, 2025

Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable...
Low | Unreviewed | CVE-2025-30700 was published Apr 15, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). ...
Low | Unreviewed | CVE-2025-30681 was published Apr 15, 2025

HCL BigFix Web Reports' service communicates over HTTPS but exhibits a weakness in its handling...
Low | Unreviewed | CVE-2024-42193 was published Apr 15, 2025

aws-cdk-lib's aspect order change causes different Permissions Boundary assigned to Role
Low | GHSA-qc59-cxj2-c2w4 was published for aws-cdk-lib (npm) Apr 15, 2025

VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext
Low | CVE-2025-32021 was published for weblate (pip) Apr 15, 2025

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files...
Low | Unreviewed | CVE-2025-32943 was published Apr 15, 2025

SolarWinds Serv-U is vulnerable to a client-side cross-site scripting (XSS) vulnerability. The...
Low | Unreviewed | CVE-2024-45712 was published Apr 15, 2025

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into...
Low | Unreviewed | CVE-2023-27272 was published Apr 14, 2025

Mattermost Incorrect Authorization vulnerability
Low | CVE-2025-2424 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 14, 2025

Internet Starter, one of SoftCOM iKSORIS system modules, allows for setting an arbitrary session...
Low | Unreviewed | CVE-2024-49709 was published Apr 14, 2025

Mattermost Mobile Apps versions <=2.25.0 fail to terminate sessions during logout under certain...
Low | Unreviewed | CVE-2025-30516 was published Apr 14, 2025

An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS...
Low | Unreviewed | CVE-2023-42969 was published Apr 11, 2025

SurrealDB no JavaScript script function default timeout could facilitate DoS
Low | GHSA-3824-qmfq-2qv7 was published for surrealdb (Rust) Apr 11, 2025

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside...
Low | Unreviewed | CVE-2025-31362 was published Apr 11, 2025

CodeLit CourseLit before 0.57.5 allows Parameter Tampering via a payment plan associated with the...
Low | Unreviewed | CVE-2025-32816 was published Apr 11, 2025

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...
Low | Unreviewed | CVE-2025-3469 was published Apr 10, 2025

Vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation Parsoid. This issue affects...
Low | Unreviewed | CVE-2025-32699 was published Apr 10, 2025

Improper Preservation of Permissions vulnerability in Wikimedia Foundation MediaWiki. This...
Low | Unreviewed | CVE-2025-32696 was published Apr 10, 2025

ProTip! Advisories are also available from the GraphQL API