Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,835
Erlang
36
GitHub Actions
33
Go
2,452
Maven
5,000+
npm
4,077
NuGet
723
pip
3,868
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,117 advisories

Loading
matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content Moderate
CVE-2024-36402 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
CRI-O has Potential High Memory Consumption from File Read Moderate
CVE-2025-4437 was published for github.com/cri-o/cri-o (Go) Aug 20, 2025
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate
CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
matrix-media-repo (MMR) allows a denial of service through memory exhaustion Moderate
CVE-2024-52791 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation Moderate
CVE-2024-52602 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
S7evinK
Default Credentials in nginx-defender Configuration Files Moderate
CVE-2025-55740 was published for github.com/Anipaleja/nginx-defender (Go) Aug 19, 2025
Anipaleja
HTTP/2 Stream Cancellation Attack Moderate
CVE-2023-44487 was published for com.typesafe.akka:akka-http-core (Go) Oct 10, 2023
joakime faroukfaiz10
DuyTran-TomTom derekheld ebickle westonsteimel
OpenFGA Authorization Bypass Moderate
CVE-2025-55213 was published for github.com/openfga/openfga (Go) Aug 18, 2025
Mattermost Server Sensitive Data Exposure Moderate
CVE-2020-14457 was published for github.com/mattermost/mattermost-server/v5 (Go) May 24, 2022
Information Disclosure in Amazon ECS Container Agent Moderate
CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025
Helm May Panic Due To Incorrect YAML Content Moderate
CVE-2025-55198 was published for helm.sh/helm/v3 (Go) Aug 14, 2025
jake-ciolek
Helm Charts with Specific JSON Schema Values Can Cause Memory Exhaustion Moderate
CVE-2025-55199 was published for helm.sh/helm/v3 (Go) Aug 14, 2025
jake-ciolek
go-pg SQL injection vulnerability via the component /types/append_value.go Moderate
CVE-2024-44905 was published for github.com/go-pg/pg (Go) Jun 12, 2025
elliotcourant
uptrace pgdriver SQL injection vulnerability Moderate
CVE-2024-44906 was published for github.com/uptrace/bun/driver/pgdriver (Go) Jun 12, 2025
maxfierke Aoang
OpenBao allows cancellation of root rekey and recovery rekey operations without authentication Moderate
CVE-2025-52894 was published for github.com/openbao/openbao (Go) Jun 26, 2025
cipherboy
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2025-54463 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-54458 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-53910 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Improper Check for Unusual or Exceptional Conditions Moderate
CVE-2025-53514 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-8285 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-48731 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Mattermost Confluence Plugin has Missing Authorization vulnerability Moderate
CVE-2025-44001 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
OpenBao Login MFA Bypass of Rate Limiting and TOTP Token Reuse Moderate
CVE-2025-55003 was published for github.com/openbao/openbao (Go) Aug 8, 2025
OpenBao LDAP MFA Enforcement Bypass When Using Username As Alias Moderate
CVE-2025-55001 was published for github.com/openbao/openbao (Go) Aug 8, 2025
OpenBao TOTP Secrets Engine Code Reuse Moderate
CVE-2025-55000 was published for github.com/openbao/openbao (Go) Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database