Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,110
NuGet
735
pip
3,933
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,418 advisories

Loading
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
Vite middleware may serve files starting with the same name with the public directory Low
CVE-2025-58751 was published for vite (npm) Sep 9, 2025
orihjfrog lukeed
Vite's `server.fs` settings were not applied to HTML files Low
CVE-2025-58752 was published for vite (npm) Sep 9, 2025
orihjfrog dominikg
A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly... Low Unreviewed
CVE-2025-8277 was published Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40803 was published Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40802 was published Sep 9, 2025
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an... Low Unreviewed
CVE-2025-42913 was published Sep 9, 2025
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an... Low Unreviewed
CVE-2025-42914 was published Sep 9, 2025
SAP NetWeaver AS Java application uses Adobe Document Service, installed with a vulnerable... Low Unreviewed
CVE-2025-42927 was published Sep 9, 2025
A reflected cross-site scripting (XSS) vulnerability in the Liferay Portal 7.4.3.132, and Liferay... Low Unreviewed
CVE-2025-43774 was published Sep 9, 2025
dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the... Low Unreviewed
CVE-2024-48341 was published Sep 8, 2025
Fides has a Lack of Brute-Force Protections on Authentication Endpoints Low
CVE-2025-57815 was published for ethyca-fides (pip) Sep 8, 2025
thabofletcher daveqnet
Fides' Admin UI User Password Change Does Not Invalidate Current Session Low
CVE-2025-57766 was published for ethyca-fides (pip) Sep 8, 2025
thabofletcher adamsachs
daveqnet
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023... Low Unreviewed
CVE-2023-21466 was published Sep 8, 2025
When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import")... Low Unreviewed
CVE-2024-5899 was published Jun 18, 2024
7-Zip before 25.01 does not always properly handle symbolic links during extraction. Low Unreviewed
CVE-2025-55188 was published Aug 8, 2025
A vulnerability has been found in running-elephant Datart up to 1.0.0-rc3. Affected by this issue... Low Unreviewed
CVE-2025-10080 was published Sep 8, 2025
RICOH Streamline NX versions 3.5.1 to 24R3 are vulnerable to tampering with operation history. If... Low Unreviewed
CVE-2025-58422 was published Sep 8, 2025
Android apps can load web pages using the Custom Tabs feature. This feature supports a transition... Low Unreviewed
CVE-2025-1939 was published Mar 4, 2025
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could... Low Unreviewed
CVE-2025-0011 was published Sep 6, 2025
Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from... Low Unreviewed
CVE-2023-31326 was published Sep 6, 2025
An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious... Low Unreviewed
CVE-2023-31330 was published Sep 6, 2025
Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor... Low Unreviewed
CVE-2024-36331 was published Sep 6, 2025
An integer overflow in the SMU could allow a privileged attacker to potentially write memory... Low Unreviewed
CVE-2023-31365 was published Sep 6, 2025
Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a... Low Unreviewed
CVE-2021-46750 was published Sep 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database