GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
58 advisories
Mattermost Playbooks fails to properly validate the props used by the RetrospectivePost custom post type
Moderate: CVE-2025-41395 was published for github.com/mattermost/mattermost-plugin-playbooks (Go) on Apr 24, 2025
Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass
High: CVE-2025-32442 was published for fastify (npm) on Apr 18, 2025
HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially...
Moderate (Unreviewed): CVE-2024-42189 was published on Apr 15, 2025
51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API...
Moderate (Unreviewed): CVE-2024-47261 was published on Apr 8, 2025
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52...
Moderate (Unreviewed): CVE-2025-3070 was published on Apr 2, 2025
Mattermost Mobile Apps versions <=2.25.0 fail to properly validate GIF images prior to rendering...
Moderate (Unreviewed): CVE-2025-1558 was published on Mar 24, 2025
Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param...
Moderate (Unreviewed): CVE-2024-47262 was published on Mar 4, 2025
Keylime registrar is vulnerable to Denial-of-Service attack when updated to version 7.12.0
Moderate: CVE-2025-1057 was published for keylime (pip) on Feb 14, 2025
Possible DoS by memory exhaustion in net-imap
Moderate: CVE-2025-25186 was published for net-imap (RubyGems) on Feb 10, 2025
Improper Validation of Specified Type of Input vulnerability in OpenText™ Content Management ...
Moderate (Unreviewed): CVE-2024-8125 was published on Feb 5, 2025
Mattermost webapp crash via a crafted post
Moderate: CVE-2025-20621 was published for github.com/mattermost/mattermost/server/v8 (Go) on Jan 16, 2025
Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing...
Moderate (Unreviewed): CVE-2025-20630 was published on Jan 16, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment...
Moderate (Unreviewed): CVE-2025-0476 was published on Jan 16, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a...
Moderate (Unreviewed): CVE-2025-21083 was published on Jan 15, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a...
Moderate (Unreviewed): CVE-2025-20036 was published on Jan 15, 2025
Mattermost fails to properly validate post props
Moderate: CVE-2025-20088 was published for github.com/mattermost/mattermost/server/v8 (Go) on Jan 15, 2025
Mattermost fails to properly validate post props
Moderate: CVE-2025-20086 was published for github.com/mattermost/mattermost/server/v8 (Go) on Jan 15, 2025
Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow...
High (Unreviewed): CVE-2024-48858 was published on Jan 14, 2025
Mattermost Improper Validation of Specified Type of Input vulnerability
Moderate: CVE-2025-20033 was published for github.com/mattermost/mattermost/server/v8 (Go) on Jan 9, 2025
OpenVPN before 2.6.11 does not sanitize PUSH_REPLY messages properly which attackers can use to...
Critical (Unreviewed): CVE-2024-5594 was published on Jan 6, 2025
An improper parsing vulnerability was reported in the FileZ client that could allow a crafted...
High (Unreviewed): CVE-2024-8058 was published on Dec 16, 2024
Mattermost Improper Validation of Specified Type of Input vulnerability
Moderate: CVE-2024-54083 was published for github.com/mattermost/mattermost/server/v8 (Go) on Dec 16, 2024
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. ...
High (Unreviewed): CVE-2024-51546 was published on Dec 5, 2024
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized...
Critical (Unreviewed): CVE-2024-51550 was published on Dec 5, 2024
ProTip! Advisories are also available from the GraphQL API.