Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

122,875 advisories

Loading
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability.... Moderate Unreviewed
CVE-2025-0571 was published Jan 30, 2025
Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability.... Moderate Unreviewed
CVE-2025-0570 was published Jan 30, 2025
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This... Moderate Unreviewed
CVE-2025-0573 was published Jan 30, 2025
Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write... Moderate Unreviewed
CVE-2025-0572 was published Jan 30, 2025
Cleartext storage of sensitive information in the Zoom Jenkins Marketplace plugin before version... Moderate Unreviewed
CVE-2025-0142 was published Jan 30, 2025
A vulnerability was found in Codezips Gym Management System 1.0. It has been classified as... Moderate Unreviewed
CVE-2025-0881 was published Jan 30, 2025
A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2025-0880 was published Jan 30, 2025
A vulnerability was found in code-projects Chat System up to 1.0. It has been declared as... Moderate Unreviewed
CVE-2025-0882 was published Jan 30, 2025
The Cloud MQTT service of the affected products supports wildcard topic subscription which could... Moderate Unreviewed
CVE-2025-0681 was published Jan 30, 2025
A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote... Moderate Unreviewed
CVE-2024-10026 was published Jan 30, 2025
Weaknesses in the generation of TCP/UDP source ports and some other header values in Google's... Moderate Unreviewed
CVE-2024-10603 was published Jan 30, 2025
Vulnerabilities in the algorithms used by Fuchsia to populate network protocol header fields,... Moderate Unreviewed
CVE-2024-10604 was published Jan 30, 2025
An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a... Moderate Unreviewed
CVE-2025-24501 was published Jan 30, 2025
A specific authentication strategy allows to learn ids of PAM users associated with certain... Moderate Unreviewed
CVE-2025-24506 was published Jan 30, 2025
An improper session validation allows an unauthenticated attacker to cause certain request... Moderate Unreviewed
CVE-2025-24502 was published Jan 30, 2025
An improper input validation the CSRF filter results in unsanitized user input written to the... Moderate Unreviewed
CVE-2025-24504 was published Jan 30, 2025
A vulnerability, which was classified as critical, has been found in code-projects Simple Plugins... Moderate Unreviewed
CVE-2025-0874 was published Jan 30, 2025
A vulnerability classified as critical was found in itsourcecode Tailoring Management System 1.0.... Moderate Unreviewed
CVE-2025-0873 was published Jan 30, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS... Moderate Unreviewed
CVE-2025-24099 was published Jan 30, 2025
In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as... Moderate Unreviewed
CVE-2025-0367 was published Jan 30, 2025
A vulnerability classified as critical has been found in itsourcecode Tailoring Management System... Moderate Unreviewed
CVE-2025-0872 was published Jan 30, 2025
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22219 was published Jan 30, 2025
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious... Moderate Unreviewed
CVE-2025-22221 was published Jan 30, 2025
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor... Moderate Unreviewed
CVE-2025-22220 was published Jan 30, 2025
Argo CD does not scrub secret values from patch errors Moderate
CVE-2025-23216 was published for github.com/argoproj/argo-cd/v2 (Go) Jan 30, 2025
svghadi
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database