Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

45 advisories

Loading
Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing... Moderate Unreviewed
CVE-2025-20630 was published Jan 16, 2025
Mattermost webapp crash via a crafted post Moderate
CVE-2025-20621 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 16, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly handle specially crafted attachment... Moderate Unreviewed
CVE-2025-0476 was published Jan 16, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a... Moderate Unreviewed
CVE-2025-20036 was published Jan 15, 2025
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a... Moderate Unreviewed
CVE-2025-21083 was published Jan 15, 2025
Mattermost fails to properly validate post props Moderate
CVE-2025-20086 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 15, 2025
Mattermost fails to properly validate post props Moderate
CVE-2025-20088 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 15, 2025
Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow... High Unreviewed
CVE-2024-48858 was published Jan 14, 2025
Mattermost Improper Validation of Specified Type of Input vulnerability Moderate
CVE-2025-20033 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 9, 2025
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which attackers can use to... Critical Unreviewed
CVE-2024-5594 was published Jan 6, 2025
An improper parsing vulnerability was reported in the FileZ client that could allow a crafted... High Unreviewed
CVE-2024-8058 was published Dec 16, 2024
Mattermost Improper Validation of Specified Type of Input vulnerability Moderate
CVE-2024-54083 was published for github.com/mattermost/mattermost/server/v8 (Go) Dec 16, 2024
Data Validation / Data Sanitization vulnerabilities in Linux allows unvalidated and unsanitized... Critical Unreviewed
CVE-2024-51550 was published Dec 5, 2024
Default Credentail vulnerabilities in ASPECT on Linux allows access to the product using publicly... Critical Unreviewed
CVE-2024-51551 was published Dec 5, 2024
Credentials Disclosure vulnerabilities allow access to on board project back-up bundles. ... High Unreviewed
CVE-2024-51546 was published Dec 5, 2024
Moxa’s IP Cameras are affected by a medium-severity vulnerability, CVE-2024-9404, which could... Moderate Unreviewed
CVE-2024-9404 was published Dec 4, 2024
Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation... High Unreviewed
CVE-2024-8403 was published Nov 19, 2024
The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may... Moderate Unreviewed
CVE-2023-29126 was published Nov 5, 2024
Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R)... Moderate Unreviewed
CVE-2023-32651 was published Oct 29, 2024
A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA)... High Unreviewed
CVE-2024-20494 was published Oct 23, 2024
A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance... High Unreviewed
CVE-2024-20408 was published Oct 23, 2024
An Improper Validation of Specified Type of Input vulnerability in the packet forwarding engine ... High Unreviewed
CVE-2024-47504 was published Oct 11, 2024
The MiCard PLUS Ci and MiCard PLUS BLE reader products developed by rf IDEAS and rebranded by NT... Moderate Unreviewed
CVE-2024-1578 was published Sep 16, 2024
Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.62 allowed a... Moderate Unreviewed
CVE-2024-3175 was published Jul 17, 2024
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and... Critical Unreviewed
CVE-2024-4879 was published Jul 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database