GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,117
Composer 4,330
Erlang 31
GitHub Actions 21
Go 2,091
Maven 5,253
npm 3,756
NuGet 678
pip 3,443
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,177

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

112,917 advisories

Filter by severity

Sort by

Least recently updated

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed

CVE-2025-21530 was published Jan 21, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2025-21531 was published Jan 21, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported... Moderate Unreviewed

CVE-2025-21525 was published Jan 21, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). ... Moderate Unreviewed

CVE-2025-21536 was published Jan 21, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2025-21491 was published Jan 21, 2025

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite ... Moderate Unreviewed

CVE-2025-21489 was published Jan 21, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Moderate Unreviewed

CVE-2024-21245 was published Jan 21, 2025

Homarr before v0.14.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability... Moderate Unreviewed

CVE-2023-45908 was published Jan 21, 2025

An improper verification of cryptographic signature vulnerability was identified in GitHub... Moderate Unreviewed

CVE-2025-23369 was published Jan 21, 2025

In JetBrains TeamCity before 2024.12.1 reflected XSS was possible on the Vault Connection page Moderate Unreviewed

CVE-2025-24459 was published Jan 21, 2025

In JetBrains YouTrack before 2024.3.55417 permanent tokens could be exposed in logs Moderate Unreviewed

CVE-2025-24457 was published Jan 21, 2025

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper... Moderate Unreviewed

CVE-2025-24461 was published Jan 21, 2025

In JetBrains TeamCity before 2024.12.1 improper access control allowed to see Projects’ names in... Moderate Unreviewed

CVE-2025-24460 was published Jan 21, 2025

In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed

CVE-2025-24456 was published Jan 21, 2025

A Cross-Site Request Forgery (CSRF) vulnerability has been found in SpagoBI v3.5.1 in the user... Moderate Unreviewed

CVE-2024-54792 was published Jan 21, 2025

SpagoBI v3.5.1 contains multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the create... Moderate Unreviewed

CVE-2024-54795 was published Jan 21, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-22661 was published Jan 21, 2025

Missing Authorization vulnerability in Widget Options Team Widget Options allows Exploiting... Moderate Unreviewed

CVE-2025-22722 was published Jan 21, 2025

Missing Authorization vulnerability in Farhan Noor ApplyOnline – Application Form Builder and... Moderate Unreviewed

CVE-2025-22721 was published Jan 21, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-22276 was published Jan 21, 2025

Cross-Site Request Forgery (CSRF) vulnerability in anyroad.com AnyRoad allows Cross Site Request... Moderate Unreviewed

CVE-2025-23996 was published Jan 21, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-22267 was published Jan 21, 2025

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /doctor... Moderate Unreviewed

CVE-2024-56997 was published Jan 21, 2025

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) in /edit... Moderate Unreviewed

CVE-2024-56998 was published Jan 21, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-22262 was published Jan 21, 2025

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

112,917 advisories