Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

463 advisories

Loading
Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations Low
CVE-2024-51744 was published for github.com/golang-jwt/jwt/v4 (Go) Nov 4, 2024
yuligesec
Credited to yuligesec
In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error... Moderate Unreviewed
CVE-2024-50176 was published Nov 8, 2024
In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory... Moderate Unreviewed
CVE-2024-50202 was published Nov 8, 2024
The transport_message_handler function in SCP-Firmware release versions 2.11.0-2.15.0 does not... High Unreviewed
CVE-2024-9413 was published Nov 13, 2024
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the... Moderate Unreviewed
CVE-2024-53063 was published Nov 19, 2024
A potential security vulnerability has been identified in the HPE NonStop DISK UTIL (T9208)... Moderate Unreviewed
CVE-2024-51766 was published Nov 22, 2024
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges Moderate
CVE-2024-52529 was published for github.com/cilium/cilium (Go) Nov 25, 2024
A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom... Moderate Unreviewed
CVE-2024-12236 was published Dec 10, 2024
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on... Moderate Unreviewed
CVE-2024-41886 was published Dec 24, 2024
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)... High Unreviewed
CVE-2025-21602 was published Jan 9, 2025
An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of... Moderate Unreviewed
CVE-2025-21596 was published Jan 9, 2025
Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and... Moderate Unreviewed
CVE-2024-11863 was published Jan 14, 2025
Specifically crafted SCMI messages sent to an SCP running SCP-Firmware release versions up to and... High Unreviewed
CVE-2024-11864 was published Jan 14, 2025
Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to... Moderate Unreviewed
CVE-2024-37284 was published Jan 21, 2025
A denial-of-service vulnerability exists in the affected products. The vulnerability could allow... High Unreviewed
CVE-2025-24478 was published Jan 28, 2025
Cosmos SDK: x/group can halt when erroring in EndBlocker High
GHSA-47ww-ff84-4jrg was published for github.com/cosmos/cosmos-sdk (Go) Mar 12, 2025
LlamaIndex Improper Handling of Exceptional Conditions vulnerability High
CVE-2024-12704 was published for llama_index (pip) Mar 20, 2025
An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of... Moderate Unreviewed
CVE-2025-30652 was published Apr 9, 2025
React Router allows a DoS via cache poisoning by forcing SPA mode High
CVE-2025-43864 was published for react-router (npm) Apr 24, 2025
cold-try
Credited to cold-try
Vulnerability of improper authentication logic implementation in the file system module Impact:... High Unreviewed
CVE-2025-46584 was published May 6, 2025
Memory corruption during memory assignment to headless peripheral VM due to incorrect error code... High Unreviewed
CVE-2024-49841 was published May 6, 2025
Improper Privilege Management vulnerability in Centreon web allows Privilege Escalation. ACL are... Moderate Unreviewed
CVE-2025-4649 was published May 13, 2025
Improper handling of insufficient permissions or privileges in Microsoft Dataverse allows an... High Unreviewed
CVE-2025-29826 was published May 13, 2025
Babylon vulnerable to chain half when transaction has fees different than `ubbn` High
GHSA-56j4-446m-qrf6 was published for github.com/babylonlabs-io/babylon (Go) Jun 30, 2025
A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All... Moderate Unreviewed
CVE-2025-41222 was published Jul 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database