Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,167
Maven
5,000+
npm
3,830
NuGet
696
pip
3,508
Pub
12
RubyGems
910
Rust
906
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,045 advisories

Loading
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3,... Moderate Unreviewed
CVE-2025-24158 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura... Critical Unreviewed
CVE-2025-24124 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.4, macOS Ventura... Critical Unreviewed
CVE-2025-24123 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3, macOS... Critical Unreviewed
CVE-2025-24139 was published Jan 28, 2025
An allocation-size-too-big bug in the component /imagebuf.cpp of OpenImageIO v3.1.0.0dev may... High Unreviewed
CVE-2024-55195 was published Jan 24, 2025
A vulnerability has been identified where a maliciously crafted message containing a specific... High Unreviewed
CVE-2023-28356 was published May 12, 2023
A malicious or compromised UApp or ABL can send a malformed system call to the bootloader, which... Critical Unreviewed
CVE-2021-46760 was published May 9, 2023
An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions... Moderate Unreviewed
CVE-2025-0695 was published Jan 27, 2025
Spring Security vulnerable to Authorization Bypass of Static Resources in WebFlux Applications Critical
CVE-2024-38821 was published for org.springframework.security:spring-security-web (Maven) Oct 28, 2024
Jerryscript 3.0 (commit 05dbbd1) was discovered to contain out-of-memory issue in malloc. Moderate Unreviewed
CVE-2023-31914 was published May 12, 2023
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21492 was published Jan 21, 2025
In pushDynamicShortcut of ShortcutPackage.java, there is a possible way to get the device into a... Moderate Unreviewed
CVE-2023-20930 was published May 16, 2023
In several functions of SnoozeHelper.java, there is a possible way to grant notifications access... High Unreviewed
CVE-2023-21110 was published May 16, 2023
Unlimited consumption of resources in @fastify/multipart High
CVE-2025-24033 was published for @fastify/multipart (npm) Jan 23, 2025
Uncontrolled Resource Consumption in moodle High
CVE-2024-25978 was published for moodle/moodle (Composer) Feb 19, 2024
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21491 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Moderate Unreviewed
CVE-2025-21494 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21500 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21503 was published Jan 21, 2025
Vulnerability in the MySQL Enterprise Firewall product of Oracle MySQL (component: Firewall). ... Moderate Unreviewed
CVE-2025-21495 was published Jan 21, 2025
An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows... High Unreviewed
CVE-2024-57664 was published Jan 14, 2025
Django has a potential denial-of-service vulnerability in IPv6 validation Moderate
CVE-2024-56374 was published for Django (pip) Jan 14, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21509 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21504 was published Jan 21, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed
CVE-2025-21501 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database