Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,695
Maven
5,000+
npm
4,324
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
A malicious ACAP application can gain access to admin-level service account credentials used by... Moderate Unreviewed
CVE-2025-5452 was published Nov 11, 2025
A vulnerability exists in F5OS-A software that allows a highly privileged authenticated attacker... Moderate Unreviewed
CVE-2025-53860 was published Oct 15, 2025
An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database... Critical Unreviewed
CVE-2025-48709 was published Aug 7, 2025
IBM MQ Container when used with the IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0... Moderate Unreviewed
CVE-2025-1333 was published May 2, 2025
Arctera eDiscovery Platform before 10.3.2, when Enterprise Vault Collection Module is used,... Moderate Unreviewed
CVE-2025-32987 was published Apr 15, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 and IBM Cloud Pak for Security 1.10.0.0... Moderate Unreviewed
CVE-2024-28799 was published Aug 14, 2024
The 'deploy-website.yml' workflow in the gradio-app/gradio repository, specifically in the 'main'... High Unreviewed
CVE-2024-4254 was published Jun 4, 2024
Invocation of the sqlplus command with sensitive information in the command line in the mk_oracle... Low Unreviewed
CVE-2024-1742 was published Mar 22, 2024
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as command line argument. In... High Unreviewed
CVE-2020-36771 was published Jan 22, 2024
Veracode Scan Jenkins Plugin vulnerable to information disclosure Moderate
CVE-2023-25722 was published for com.veracode.jenkins:veracode-scan (Maven) Mar 28, 2023
Undertow vulnerable to Denial of Service (DoS) attacks High
CVE-2021-3859 was published for io.undertow:undertow-core (Maven) Jul 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database