GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,152
Maven: 5,000+
npm: 3,816
NuGet: 692
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 900
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10,296 advisories
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-20626 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds...
Low
Unreviewed
CVE-2025-22443 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-22835 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through NULL pointer...
Low
Unreviewed
CVE-2025-22837 was published Mar 4, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre...
Low
Unreviewed
CVE-2025-0587 was published Mar 4, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical....
Low
Unreviewed
CVE-2025-1882 was published Mar 3, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been classified as...
Low
Unreviewed
CVE-2025-1880 was published Mar 3, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227 and classified as problematic....
Low
Unreviewed
CVE-2025-1879 was published Mar 3, 2025
A vulnerability has been found in i-Drive i11 and i12 up to 20250227 and classified as...
Low
Unreviewed
CVE-2025-1878 was published Mar 3, 2025
IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device...
Low
Unreviewed
CVE-2025-0895 was published Mar 2, 2025
IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer...
Low
Unreviewed
CVE-2024-55907 was published Mar 2, 2025
During an address list folding when a separating comma ends up on a folded line and that line is...
Low
Unreviewed
CVE-2025-1795 was published Feb 28, 2025
In the "/EPMUI/ModalDlgHandler.ashx?value=showReadonlyDlg" endpoint, it is possible to inject...
Low
Unreviewed
CVE-2025-22272 was published Feb 28, 2025
It is possible to inject HTML code into the page content using the "content" field in the ...
Low
Unreviewed
CVE-2025-22274 was published Feb 28, 2025
An improper access control issue in the VQL shell feature in Velociraptor Versions < 0.73.4...
Low
Unreviewed
CVE-2025-0914 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56494 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56495 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56493 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56496 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56810 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56811 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to obtain sensitive information when a detailed...
Low
Unreviewed
CVE-2024-56812 was published Feb 27, 2025
IBM EntireX 11.1 could allow a local user to unintentionally modify data timestamp integrity due...
Low
Unreviewed
CVE-2025-0759 was published Feb 27, 2025
A Credential Disclosure vulnerability exists where an administrator could extract the stored SMTP...
Low
Unreviewed
CVE-2025-0760 was published Feb 26, 2025
A SQL injection vulnerability in the JoomShopping component versions 1.0.0-1.4.3 for Joomla...
Low
Unreviewed
CVE-2025-22211 was published Feb 26, 2025
ProTip! Advisories are also available from the GraphQL API.