Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,759
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
An unauthenticated remote attacker can exploit input validation in cmd services of the devices,... High Unreviewed
CVE-2025-41650 was published May 27, 2025
Kyverno vulnerable to bypass of policy rules that use namespace selectors in match statements High
CVE-2025-46342 was published for github.com/kyverno/kyverno (Go) Apr 29, 2025
anbrsap
Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass High
CVE-2025-32442 was published for fastify (npm) Apr 18, 2025
Linkster78 climba03003
mcollina Eomm jsumners
MobSF Partial Denial of Service (DoS) High
CVE-2025-24804 was published for mobsf (pip) Feb 5, 2025
Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow... High Unreviewed
CVE-2024-48858 was published Jan 14, 2025
An improper parsing vulnerability was reported in the FileZ client that could allow a crafted... High Unreviewed
CVE-2024-8058 was published Dec 16, 2024
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. ... High Unreviewed
CVE-2024-51546 was published Dec 5, 2024
Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation... High Unreviewed
CVE-2024-8403 was published Nov 19, 2024
A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2024-20494 was published Oct 23, 2024
A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance... High Unreviewed
CVE-2024-20408 was published Oct 23, 2024
An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine ... High Unreviewed
CVE-2024-47504 was published Oct 11, 2024
IBM QRadar Suite Software 1.10.12.0 through 1.10.21.0 and IBM Cloud Pak for Security 1.10.12.0... High Unreviewed
CVE-2023-47726 was published Jun 18, 2024
An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD)... High Unreviewed
CVE-2024-30395 was published Apr 12, 2024
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the... High Unreviewed
CVE-2024-29946 was published Mar 27, 2024
Denial of Service in pipelines affecting all versions of Gitlab EE and CE prior to 16.2.8, 16.3... High Unreviewed
CVE-2023-3917 was published Sep 29, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... High Unreviewed
CVE-2023-3900 was published Aug 2, 2023
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V3.0.1),... High Unreviewed
CVE-2021-44694 was published Dec 13, 2022
A vulnerability has been identified in SICAM PAS/PQS (All versions < V7.0), SICAM PAS/PQS (All... High Unreviewed
CVE-2022-43723 was published Dec 13, 2022
phpCAS vulnerable to Service Hostname Discovery Exploitation High
CVE-2022-39369 was published for apereo/phpcas (Composer) Nov 1, 2022
Insufficient type validation in pocketmine/pocketmine-mp High
GHSA-g5rr-p69h-7v3g was published for pocketmine/pocketmine-mp (Composer) Apr 22, 2022
kurt-r2c
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database