GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
25 advisories
IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0...
Moderate | Unreviewed | CVE-2023-47727 was published May 2, 2024
In FRRouting (FRR) through 9.1, an attacker using a malformed Prefix SID attribute in a BGP...
Moderate | Unreviewed | CVE-2024-31948 was published Apr 7, 2024
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a...
Moderate | Unreviewed | CVE-2024-3175 was published Jul 17, 2024
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT...
Moderate | Unreviewed | CVE-2024-1578 was published Sep 16, 2024
Improper Input Validation vulnerability in PHOENIX CONTACT FL/TC MGUARD Family in multiple...
Moderate | Unreviewed | CVE-2023-2673 was published Jun 13, 2023
An issue has been discovered in GitLab affecting all versions starting from 16.2.0. Committing...
Moderate | Unreviewed | CVE-2023-4522 was published Aug 30, 2023
An issue has been discovered in GitLab EE affecting all versions starting before 16.4.4, all...
Moderate | Unreviewed | CVE-2023-3904 was published Dec 15, 2023
A URL parameter during login flow was vulnerable to injection. An attacker could insert a...
Moderate | Unreviewed | CVE-2023-28799 was published Jun 22, 2023
Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R)...
Moderate | Unreviewed | CVE-2023-32651 was published Oct 29, 2024
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may...
Moderate | Unreviewed | CVE-2023-29126 was published Nov 5, 2024
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a...
Moderate | Unreviewed | CVE-2025-20036 was published Jan 15, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a...
Moderate | Unreviewed | CVE-2025-21083 was published Jan 15, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment...
Moderate | Unreviewed | CVE-2025-0476 was published Jan 16, 2025
Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing...
Moderate | Unreviewed | CVE-2025-20630 was published Jan 16, 2025
Improper Validation of Specified Type of Input vulnerability in OpenText™ Content Management ...
Moderate | Unreviewed | CVE-2024-8125 was published Feb 5, 2025
Moxa’s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could...
Moderate | Unreviewed | CVE-2024-9404 was published Dec 4, 2024
Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API param...
Moderate | Unreviewed | CVE-2024-47262 was published Mar 4, 2025
Mattermost Mobile Apps versions <=2.25.0 fail to properly validate GIF images prior to rendering...
Moderate | Unreviewed | CVE-2025-1558 was published Mar 24, 2025
The Net::IPAddress::Util module before 5.000 for Perl does not properly consider extraneous zero...
Moderate | Unreviewed | CVE-2021-47156 was published Mar 18, 2024
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52...
Moderate | Unreviewed | CVE-2025-3070 was published Apr 2, 2025
51l3nc3, a member of the AXIS OS Bug Bounty Program, has found that the VAPIX API...
Moderate | Unreviewed | CVE-2024-47261 was published Apr 8, 2025
HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially...
Moderate | Unreviewed | CVE-2024-42189 was published Apr 15, 2025
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated,...
Moderate | Unreviewed | CVE-2025-20155 was published May 7, 2025
Net::CIDR::Set versions 0.10 through 0.13 for Perl does not properly handle leading zero...
Moderate | Unreviewed | CVE-2025-40911 was published May 28, 2025
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0...
Moderate | Unreviewed | CVE-2025-25020 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API.