Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,447 advisories

Loading
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers... High Unreviewed
CVE-2023-51314 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Bus Reservation System v1... High Unreviewed
CVE-2023-51316 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password', 'Email Settings' feature of PHPJabbers Event... High Unreviewed
CVE-2023-51293 was published Feb 19, 2025
A lack of rate limiting in the "Login Section, Forgot Email" feature of PHPJabbers Hotel Booking... High Unreviewed
CVE-2023-51301 was published Feb 19, 2025
Mercedes Benz head-unit NTG 6 contains functions to import or export profile settings over USB.... High Unreviewed
CVE-2023-34397 was published Feb 14, 2025
An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a... High Unreviewed
CVE-2024-56940 was published Feb 13, 2025
An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a... High Unreviewed
CVE-2024-46923 was published Feb 13, 2025
Windows Active Directory Domain Services API Denial of Service Vulnerability High Unreviewed
CVE-2025-21351 was published Feb 11, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability High Unreviewed
CVE-2025-21181 was published Feb 11, 2025
Apache James vulnerable to denial of service through the use of IMAP literals High
CVE-2024-37358 was published for org.apache.james.protocols:protocols-imap (Maven) Feb 6, 2025
Apache James vulnerable to denial of service through JMAP HTML to text conversion High
CVE-2024-45626 was published for org.apache.james:james-server-jmap-draft (Maven) Feb 6, 2025
eazy-logger prototype pollution High
CVE-2024-57075 was published for eazy-logger (npm) Feb 6, 2025
RDIL FeBe95
A prototype pollution in the lib.post function of ajax-request v1.2.3 allows attackers to cause a... High Unreviewed
CVE-2024-57076 was published Feb 6, 2025
A prototype pollution in the lib.fromQuery function of underscore-contrib v0.3.0 allows attackers... High Unreviewed
CVE-2024-57081 was published Feb 6, 2025
@zag-js/core prototype pollution High
CVE-2024-57079 was published for @zag-js/core (npm) Feb 6, 2025
taraspos
A prototype pollution in the lib.merge function of xe-utils v3.5.31 allows attackers to cause a... High Unreviewed
CVE-2024-57074 was published Feb 6, 2025
A prototype pollution in the function deepMerge of @stryker-mutator/util v8.6.0 allows attackers... High Unreviewed
CVE-2024-57085 was published Feb 6, 2025
When a BIG-IP message routing profile is configured on a virtual server, undisclosed traffic can... High Unreviewed
CVE-2025-20058 was published Feb 5, 2025
When Client or Server SSL profiles are configured on a Virtual Server, or DNSSEC signing... High Unreviewed
CVE-2025-21087 was published Feb 5, 2025
An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a... High Unreviewed
CVE-2024-56921 was published Feb 3, 2025
An issue in Open5GS v.2.7.2 allows a remote attacker to cause a denial of service via the... High Unreviewed
CVE-2024-57519 was published Jan 29, 2025
Open5GS MME versions <= 2.6.4 contains an assertion that can be remotely triggered via a... High Unreviewed
CVE-2023-37014 was published Jan 22, 2025
Open5GS MME versions <= 2.6.4 contain a reachable assertion in the `UE Context Release Request`... High Unreviewed
CVE-2023-37022 was published Jan 22, 2025
A reachable assertion in the decode_access_point_name_ie function of Magma <= 1.8.0 (fixed in v1... High Unreviewed
CVE-2024-24424 was published Jan 22, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed
CVE-2025-21545 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database