Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11,483 advisories

Loading
Server-side Request Forgery (SSRF) in hackney Low
CVE-2025-1211 was published for hackney (Erlang) Feb 11, 2025
benoitc
A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the... Low Unreviewed
CVE-2025-1176 was published Feb 11, 2025
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by... Low Unreviewed
CVE-2025-23191 was published Feb 11, 2025
A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this... Low Unreviewed
CVE-2025-1153 was published Feb 10, 2025
A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This... Low Unreviewed
CVE-2025-1150 was published Feb 10, 2025
A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue... Low Unreviewed
CVE-2025-1151 was published Feb 10, 2025
A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the... Low Unreviewed
CVE-2025-1152 was published Feb 10, 2025
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by... Low Unreviewed
CVE-2025-1147 was published Feb 10, 2025
A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this... Low Unreviewed
CVE-2025-1148 was published Feb 10, 2025
A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This... Low Unreviewed
CVE-2025-1149 was published Feb 10, 2025
An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021... Low Unreviewed
CVE-2021-41527 was published Feb 7, 2025
Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) an Improper Neutralization... Low Unreviewed
CVE-2025-22402 was published Feb 7, 2025
A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0.... Low Unreviewed
CVE-2025-1083 was published Feb 7, 2025
A vulnerability was found in Bharti Airtel Xstream Fiber up to 20250123. It has been rated as... Low Unreviewed
CVE-2025-1081 was published Feb 6, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed... Low Unreviewed
CVE-2024-56467 was published Feb 6, 2025
vLLM uses Python 3.12 built-in hash() which leads to predictable hash collisions in prefix cache Low
CVE-2025-25183 was published for vllm (pip) Feb 6, 2025
kexinoh
Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation... Low Unreviewed
CVE-2024-57956 was published Feb 6, 2025
An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access... Low Unreviewed
CVE-2025-23415 was published Feb 5, 2025
A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS... Low Unreviewed
CVE-2025-20185 was published Feb 5, 2025
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability... Low Unreviewed
CVE-2024-9097 was published Feb 5, 2025
When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could... Low Unreviewed
CVE-2025-0167 was published Feb 5, 2025
An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17... Low Unreviewed
CVE-2024-5528 was published Feb 5, 2025
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a remote... Low Unreviewed
CVE-2024-45658 was published Feb 4, 2025
Authentication Bypass Using an Alternate Path in Galaxy Store prior to version 4.5.87.6 allows... Low Unreviewed
CVE-2025-20895 was published Feb 4, 2025
Dell PowerProtect DD, versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.10 contains a use of... Low Unreviewed
CVE-2025-22475 was published Feb 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database