Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,819
Erlang
36
GitHub Actions
32
Go
2,410
Maven
5,000+
npm
4,046
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12,250 advisories

Loading
Duplicate Advisory: Koa Open Redirect via Referrer Header (User-Controlled) Low
GHSA-mvw6-62qv-vmqf was published for koa (npm) Jul 25, 2025 withdrawn
Improper Check for Unusual or Exceptional Conditions vulnerability in Phoenix SecureCore... Low Unreviewed
CVE-2024-12533 was published May 13, 2025
JHipster allows privilege escalation via a modified authorities parameter Low
CVE-2025-43712 was published for generator-jhipster (npm) Jul 25, 2025
In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration Low Unreviewed
CVE-2025-54529 was published Jul 28, 2025
@eslint/plugin-kit is vulnerable to Regular Expression Denial of Service attacks through ConfigCommentParser Low
GHSA-xffm-g5w8-qvg7 was published for @eslint/plugin-kit (npm) Jul 18, 2025
ericcornelissen Qix-
buffered-reader vulnerable to out-of-bounds array access leading to panic Low
CVE-2023-53161 was published for buffered-reader (Rust) Jun 6, 2023
Duplicate Advisory: buffered-reader vulnerable to out-of-bounds array access leading to panic Low
GHSA-q5h2-xq96-6gmc was published for buffered-reader (Rust) Jul 28, 2025 withdrawn
Multiple issues involving quote API in shlex Low
CVE-2024-58266 was published for shlex (Rust) Jan 22, 2024
Duplicate Advisory: Multiple issues involving quote API in shlex Low
GHSA-286m-6pg9-v42v was published for shlex (Rust) Jul 28, 2025 withdrawn
Unauthenticated Nonce Increment in snow Low
CVE-2024-58265 was published for snow (Rust) Jan 24, 2024
sequoia-openpgp vulnerable to out-of-bounds array access leading to panic Low
CVE-2023-53160 was published for sequoia-openpgp (Rust) Jun 6, 2023
Duplicate Advisory: Unauthenticated Nonce Increment in snow Low
GHSA-97f8-h76h-f297 was published for snow (Rust) Jul 28, 2025 withdrawn
Duplicate Advisory: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic Low
GHSA-rfx3-ffrp-6875 was published for sequoia-openpgp (Rust) Jul 28, 2025 withdrawn
Duplicate Advisory: serde-json-wasm stack overflow during recursive JSON parsing Low
GHSA-j87p-gjr6-m4pv was published for serde-json-wasm (Rust) Jul 27, 2025 withdrawn
CosmWasm affected by arithmetic overflows Low
CVE-2024-58263 was published for cosmwasm-std (Rust) Apr 24, 2024
Duplicate Advisory: CosmWasm affected by arithmetic overflows Low
GHSA-rm83-pxjx-pr5j was published for cosmwasm-std (Rust) Jul 27, 2025 withdrawn
Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub` Low
GHSA-4hff-hh47-7788 was published for curve25519-dalek (Rust) Jul 27, 2025 withdrawn
Low severity (DoS) vulnerability in sequoia-openpgp Low
CVE-2024-58261 was published for sequoia-openpgp (Rust) Jun 26, 2024
Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp Low
GHSA-g97w-mw7g-v3jv was published for sequoia-openpgp (Rust) Jul 27, 2025 withdrawn
A flaw was found in GLib. A denial of service on Windows platforms may occur if an application... Low Unreviewed
CVE-2025-4056 was published Jul 28, 2025
A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability... Low Unreviewed
CVE-2025-8260 was published Jul 28, 2025
A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998... Low Unreviewed
CVE-2025-8206 was published Jul 26, 2025
A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179.... Low Unreviewed
CVE-2025-8204 was published Jul 26, 2025
nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race... Low Unreviewed
CVE-2024-58248 was published Apr 16, 2025
Mattermost did not properly restrict channel creation Low
CVE-2024-39837 was published for github.com/mattermost/mattermost-server (Go) Aug 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database