Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,572 advisories

Loading
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-57889 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-53307 was published Sep 5, 2025
In Skia, there is a possible out of bounds write due to a heap buffer overflow. This could lead... High Unreviewed
CVE-2025-32318 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player allows... High Unreviewed
CVE-2025-48104 was published Sep 5, 2025
Path Traversal vulnerability in Stefan Keller WooCommerce Payment Gateway for Saferpay allows... High Unreviewed
CVE-2025-48317 was published Sep 5, 2025
Some payload elements of the messages sent between two stations in a networking architecture are... High Unreviewed
CVE-2025-9999 was published Sep 5, 2025
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air... High Unreviewed
CVE-2025-30199 was published Sep 5, 2025
In loadDrawableForCookie of ResourcesImpl.java, there is a possible way to access task snapshots... High Unreviewed
CVE-2025-26452 was published Sep 5, 2025
In AccessibilityServiceConnection.java, there is a possible background activity launch due to a... High Unreviewed
CVE-2025-26462 was published Sep 5, 2025
In updateState of ContentProtectionTogglePreferenceController.java, there is a possible way for a... High Unreviewed
CVE-2025-26435 was published Sep 5, 2025
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without... High Unreviewed
CVE-2025-26443 was published Sep 5, 2025
In onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the... High Unreviewed
CVE-2025-26444 was published Sep 5, 2025
In multiple functions of LocationProviderManager.java, there is a possible background activity... High Unreviewed
CVE-2025-26458 was published Sep 5, 2025
In onInputEvent of IInputMethodSessionWrapper.java, there is a possible way for an untrusted app... High Unreviewed
CVE-2025-26450 was published Sep 5, 2025
In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an... High Unreviewed
CVE-2025-26436 was published Sep 5, 2025
In multiple functions of CameraService.cpp, there is a possible way to use the camera from the... High Unreviewed
CVE-2025-26440 was published Sep 5, 2025
In multiple functions of NdkMediaCodec.cpp, there is a possible out of bounds write due to a heap... High Unreviewed
CVE-2025-26455 was published Sep 5, 2025
In createIntentsList of PackageParser.java , there is a possible way to bypass lazy bundle... High Unreviewed
CVE-2025-32312 was published Sep 5, 2025
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due... High Unreviewed
CVE-2025-26430 was published Sep 5, 2025
pgadmin4 is affected by a Cross-Origin Opener Policy (COOP) vulnerability High
CVE-2025-9636 was published for pgadmin4 (pip) Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian package for arm64 that... High Unreviewed
CVE-2025-23258 was published Sep 5, 2025
NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian package that could allow an... High Unreviewed
CVE-2025-23257 was published Sep 5, 2025
NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with... High Unreviewed
CVE-2025-23256 was published Sep 5, 2025
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release... High Unreviewed
CVE-2023-21475 was published Sep 5, 2025
Out-of-bounds Write vulnerability in libaudiosaplus_sec.so library prior to SMR Apr-2023 Release... High Unreviewed
CVE-2023-21476 was published Sep 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database