Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,770 advisories

Loading
This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.4... Moderate Unreviewed
CVE-2025-24281 was published Apr 1, 2025
A library injection issue was addressed with additional restrictions. This issue is fixed in... Moderate Unreviewed
CVE-2025-24282 was published Apr 1, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13... Moderate Unreviewed
CVE-2025-24276 was published Apr 1, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24280 was published Apr 1, 2025
A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 2.4,... Moderate Unreviewed
CVE-2025-24283 was published Apr 1, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed
CVE-2025-24262 was published Apr 1, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, macOS... Moderate Unreviewed
CVE-2025-24261 was published Apr 1, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7... Moderate Unreviewed
CVE-2025-24244 was published Apr 1, 2025
The issue was addressed with improved checks. This issue is fixed in Xcode 16.3. A malicious app... Moderate Unreviewed
CVE-2025-24226 was published Apr 1, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2025-24217 was published Apr 1, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5,... Moderate Unreviewed
CVE-2025-24164 was published Apr 1, 2025
Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query Moderate
CVE-2025-31125 was published for vite (npm) Mar 31, 2025
Iuhsssss
Credited to Iuhsssss
The DAP to Autoresponders Email Syncing plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-2840 was published Mar 29, 2025
SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information... Moderate Unreviewed
CVE-2025-2860 was published Mar 28, 2025
An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE... Moderate Unreviewed
CVE-2021-24008 was published Mar 28, 2025
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is... Moderate Unreviewed
CVE-2025-2578 was published Mar 28, 2025
libming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHFILLSTYLES function. Moderate Unreviewed
CVE-2025-29497 was published Mar 27, 2025
libming v0.4.8 was discovered to contain a memory leak via the parseSWF_PLACEOBJECT3 function. Moderate Unreviewed
CVE-2025-29486 was published Mar 27, 2025
libming v0.4.8 was discovered to contain a memory leak via the parseSWF_INITACTION function. Moderate Unreviewed
CVE-2025-29488 was published Mar 27, 2025
libming v0.4.8 was discovered to contain a memory leak via the parseSWF_MORPHLINESTYLES function. Moderate Unreviewed
CVE-2025-29489 was published Mar 27, 2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions... Moderate Unreviewed
CVE-2025-20232 was published Mar 27, 2025
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform... Moderate Unreviewed
CVE-2025-20226 was published Mar 27, 2025
Directus `search` query parameter allows enumeration of non permitted fields Moderate
CVE-2025-30352 was published for directus (npm) Mar 26, 2025
hanneskuettner moritzgvt
Credited to hanneskuettner and moritzgvt
The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin... Moderate Unreviewed
CVE-2025-2228 was published Mar 26, 2025
Vite bypasses server.fs.deny when using ?raw?? Moderate
CVE-2025-30208 was published for vite (npm) Mar 25, 2025
Ezzer17
Credited to Ezzer17
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database