Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,862 advisories

Loading
GitLab has remediated an issue in GitLab EE affecting all versions from 10.6 before 18.3.5, 18.4... Moderate Unreviewed
CVE-2025-11971 was published Oct 27, 2025
Liferay Portal Does Not Limit Access to APIs Before Email Verification Moderate
CVE-2025-62259 was published for com.liferay.portal:release.portal.bom (Maven) Oct 28, 2025
Drupal CivicTheme Design System allows Forceful Browsing High
CVE-2025-12082 was published for drupal/civictheme (Composer) Oct 30, 2025
The Folderly plugin for WordPress is vulnerable to unauthorized modification of data due to an... Moderate Unreviewed
CVE-2025-12038 was published Nov 1, 2025
Authlib: JWS/JWT accepts unknown crit headers (RFC violation → possible authz bypass) High
CVE-2025-59420 was published for authlib (pip) Sep 22, 2025
AL-Cybision
Credited to AL-Cybision
Liferay Portal and DXP do not check permissions of images in a blog entry Moderate
CVE-2025-62275 was published for com.liferay:com.liferay.blogs.item.selector.web (Maven) Nov 1, 2025
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass by submitting... Critical Unreviewed
CVE-2022-39955 was published Sep 21, 2022
The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rule set bypass for HTTP... Critical Unreviewed
CVE-2022-39956 was published Sep 21, 2022
The OWASP ModSecurity Core Rule Set (CRS) is affected by a response body bypass to sequentially... High Unreviewed
CVE-2022-39958 was published Sep 21, 2022
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21519 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21540 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Low Unreviewed
CVE-2025-21546 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21567 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21555 was published Jan 21, 2025
An authentication issue was addressed with improved state management. This issue is fixed in iOS... Low Unreviewed
CVE-2025-24141 was published Jan 28, 2025
An authorization issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2025-24200 was published Feb 10, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27645 was published Mar 5, 2025
This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2... High Unreviewed
CVE-2025-24221 was published Apr 1, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-44172 was published Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24114 was published Jan 28, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3,... Low Unreviewed
CVE-2025-24121 was published Jan 28, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Low Unreviewed
CVE-2025-30703 was published Apr 15, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed
CVE-2025-31227 was published May 13, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sequoia... Moderate Unreviewed
CVE-2025-43197 was published Jul 30, 2025
An authorization issue was addressed with improved state management. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-43251 was published Jul 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database