GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
4,720 advisories
Filter by severity
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21344
was published
Jan 14, 2025
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2025-21370
was published
Jan 14, 2025
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2025-21235
was published
Jan 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
High
Unreviewed
CVE-2025-21230
was published
Jan 14, 2025
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2025-21234
was published
Jan 14, 2025
go-git clients vulnerable to DoS via maliciously crafted Git server replies
High
CVE-2025-21614
was published
for
github.com/go-git/go-git
(Go)
Jan 6, 2025
An improper input insertion vulnerability in AiCloud on certain router models may lead to...
High
Unreviewed
CVE-2024-12912
was published
Jan 2, 2025
Some Huawei wearables have a vulnerability of not verifying the actual data size when reading...
High
Unreviewed
CVE-2021-22484
was published
Dec 28, 2024
Browsershot Improper Input Validation vulnerability
High
CVE-2024-21549
was published
for
spatie/browsershot
(Composer)
Dec 20, 2024
There is an insufficient input verification vulnerability in Huawei product. Successful...
High
Unreviewed
CVE-2022-32144
was published
Dec 20, 2024
There is an improper input verification vulnerability in Huawei printer product. Successful...
High
Unreviewed
CVE-2022-32204
was published
Dec 20, 2024
Huawei printers have an input verification vulnerability. Successful exploitation of this...
High
Unreviewed
CVE-2022-34159
was published
Dec 20, 2024
OpenShift Must Gather Operator Improper Input Validation vulnerability
High
CVE-2024-25131
was published
for
github.com/openshift/must-gather
(Go)
Dec 19, 2024
Due to the flaws in the verification of input parameters, the attacker can input carefully...
High
Unreviewed
CVE-2020-12487
was published
Dec 17, 2024
Velocidex WinPmem versions below 4.1 suffer from an Improper Input Validation vulnerability...
High
Unreviewed
CVE-2024-10972
was published
Dec 16, 2024
Browsershot Local File Inclusion
High
CVE-2024-21544
was published
for
spatie/browsershot
(Composer)
Dec 13, 2024
Dell Client Platform BIOS contains an Improper Input Validation vulnerability in an externally...
High
Unreviewed
CVE-2024-47238
was published
Dec 12, 2024
Read/Write vulnerability in the image decoding module
Impact: Successful exploitation of this...
High
Unreviewed
CVE-2024-54107
was published
Dec 12, 2024
Microsoft Defender for Endpoint on Android Spoofing Vulnerability
High
Unreviewed
CVE-2024-49057
was published
Dec 12, 2024
Animate versions 23.0.8, 24.0.5 and earlier are affected by an Improper Input Validation...
High
Unreviewed
CVE-2024-52982
was published
Dec 10, 2024
A vulnerability has been identified in SIMATIC S7-PLCSIM V17 (All versions), SIMATIC S7-PLCSIM...
High
Unreviewed
CVE-2024-52051
was published
Dec 10, 2024
Synapse allows a a malformed invite to break the invitee's `/sync`
High
CVE-2024-52815
was published
for
matrix-synapse
(pip)
Dec 3, 2024
Memory corruption while processing API calls to NPU with invalid input.
High
Unreviewed
CVE-2024-43052
was published
Dec 2, 2024
Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW
High
Unreviewed
CVE-2017-15832
was published
Nov 26, 2024
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request
High
CVE-2024-0793
was published
for
k8s.io/kubernetes
(Go)
Nov 17, 2024
ProTip!
Advisories are also available from the
GraphQL API