GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
19 advisories
Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files
Moderate | CVE-2025-26795 was published for org.apache.iotdb:iotdb-jdbc (Maven) | May 14, 2025

Moodle has reflected Cross-site Scripting risk in policy tool
Moderate | CVE-2025-3643 was published for moodle/moodle (Composer) | Apr 25, 2025

Moodle has an IDOR in messaging web service which allows access to some user details
Moderate | CVE-2025-3645 was published for moodle/moodle (Composer) | Apr 25, 2025

io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage
Moderate | CVE-2025-32952 was published for io.jmix.localfs:jmix-localfs (Maven) | Apr 22, 2025

io.jmix.rest:jmix-rest allows XSS in the /files Endpoint of the Generic REST API
Moderate | CVE-2025-32951 was published for io.jmix.rest:jmix-rest (Maven) | Apr 22, 2025

io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage
Moderate | CVE-2025-32950 was published for io.jmix.localfs:jmix-localfs (Maven) | Apr 22, 2025

Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion
Moderate | CVE-2024-52981 was published for org.elasticsearch:elasticsearch (Maven) | Apr 8, 2025

Elasticsearch Potential Node Crash due to Large Recursion in `innerForbidCircularReferences` Function
Moderate | CVE-2024-52980 was published for org.elasticsearch:elasticsearch (Maven) | Apr 8, 2025

Security Update for the OPC UA .NET Standard Stack
Moderate | CVE-2024-42512 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) | Mar 3, 2025

Rancher's SAML-based login via CLI can be denied by unauthenticated users
Moderate | CVE-2025-23387 was published for github.com/rancher/rancher (Go) | Feb 27, 2025

Moodle Unsanitized HTML in site log for config_log_created
Moderate | CVE-2024-34006 was published for moodle/moodle (Composer) | May 31, 2024

Moodle Cross-site Scripting (XSS)
Moderate | CVE-2024-34000 was published for moodle/moodle (Composer) | May 31, 2024

Moodle Cross-site Scripting (XSS)
Moderate | CVE-2024-33998 was published for moodle/moodle (Composer) | May 31, 2024

Moodle stored Cross-site Scripting (XSS)
Moderate | CVE-2024-33997 was published for moodle/moodle (Composer) | May 31, 2024

Elasticsearch Uncaught Exception leading to crash
Moderate | CVE-2024-23449 was published for org.elasticsearch:elasticsearch (Maven) | Mar 29, 2024

Moodle vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
Moderate | CVE-2013-4522 was published for moodle/moodle (Composer) | May 13, 2022

Use after free in actix-service
Moderate | CVE-2020-35899 was published for actix-service (Rust) | Aug 25, 2021

Cross-site scripting in ThinkAdmin
Moderate | CVE-2020-29315 was published for zoujingli/thinkadmin (Composer) | May 6, 2021