GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,515
Erlang: 33
GitHub Actions: 25
Go: 2,215
Maven: 5,000+
npm: 3,885
NuGet: 697
pip: 3,654
Pub: 12
RubyGems: 913
Rust: 931
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
11,737 advisories
Tokio broadcast channel calls clone in parallel, but does not require `Sync`
Low | GHSA-rr8g-9fpq-6wmg was published for tokio (Rust) Apr 7, 2025

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long...
Low | Unreviewed | CVE-2025-3360 was published Apr 7, 2025

Dell Unisphere for PowerMax, version(s) prior to 10.2.0.9 and PowerMax version(s) prior to...
Low | Unreviewed | CVE-2025-27686 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-22452 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release...
Low | Unreviewed | CVE-2025-25057 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release...
Low | Unreviewed | CVE-2025-27534 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-22842 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-24304 was published Apr 7, 2025

in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low | Unreviewed | CVE-2025-20102 was published Apr 7, 2025

A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3...
Low | Unreviewed | CVE-2025-3329 was published Apr 7, 2025

In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR...
Low | Unreviewed | CVE-2025-32366 was published Apr 7, 2025

HCL Connections is vulnerable to an information disclosure vulnerability which could allow a user...
Low | Unreviewed | CVE-2024-42208 was published Apr 4, 2025

React Draft Wysiwyg Cross-Site Scripting (XSS) via the Embedded Button
Low | CVE-2025-3191 was published for react-draft-wysiwyg (npm) Apr 4, 2025

A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability...
Low | Unreviewed | CVE-2025-3177 was published Apr 3, 2025

A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by...
Low | Unreviewed | CVE-2025-3169 was published Apr 3, 2025

In JetBrains IntelliJ IDEA before 2024.3, 2024.2.4 source code could be logged in the idea.log file
Low | Unreviewed | CVE-2025-32054 was published Apr 3, 2025

Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol...
Low | Unreviewed | CVE-2025-29991 was published Apr 3, 2025

A vulnerability classified as problematic was found in WebAssembly wabt 1.0.36. Affected by this...
Low | Unreviewed | CVE-2025-3122 was published Apr 3, 2025

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value...
Low | Unreviewed | CVE-2025-3154 was published Apr 3, 2025

Next.js may leak x-middleware-subrequest-id to external hosts
Low | CVE-2025-30218 was published for next (npm) Apr 2, 2025

A broken access control vulnerability previously discovered in the Trend Vision One Role Name...
Low | Unreviewed | CVE-2025-31285 was published Apr 2, 2025

An HTML injection vulnerability previously discovered in Trend Vision One could have allowed a...
Low | Unreviewed | CVE-2025-31286 was published Apr 2, 2025

A broken access control vulnerability previously discovered in the Trend Vision One Status...
Low | Unreviewed | CVE-2025-31284 was published Apr 2, 2025

A broken access control vulnerability previously discovered in the Trend Vision One User Roles...
Low | Unreviewed | CVE-2025-31283 was published Apr 2, 2025

A broken access control vulnerability previously discovered in the Trend Vision One User Account...
Low | Unreviewed | CVE-2025-31282 was published Apr 2, 2025
ProTip! Advisories are also available from the GraphQL API