GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,826
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,020
Swift 39

Unreviewed advisories

All unreviewed 269,093

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

111,572 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Figma Desktop for Windows version 125.6.5 contains a command injection vulnerability in the local... High Unreviewed

CVE-2025-56803 was published Sep 8, 2025

In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to... High Unreviewed

CVE-2022-20356 was published Aug 11, 2022

In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possible out of bounds read due to... High Unreviewed

CVE-2024-56189 was published Sep 4, 2025

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... High Unreviewed

CVE-2021-22825 was published Jan 29, 2022

The MOD3 command traffic between the monitoring application and the inverter is transmitted in... High Unreviewed

CVE-2025-52586 was published Aug 8, 2025

Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed

CVE-2025-7677 was published Aug 11, 2025

A cross-site scripting (XSS) vulnerability in Smart Search & Filter Shopify App 1.0 allows a... High Unreviewed

CVE-2025-55998 was published Sep 8, 2025

A SQL Injection vulnerability was found in phpgurukul Complaint Management System 2.0. The... High Unreviewed

CVE-2025-57147 was published Sep 3, 2025

A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due... High Unreviewed

CVE-2025-36855 was published Sep 8, 2025

A vulnerability (CVE-2025-21172) exists in msdia140.dll due to integer overflow and heap-based... High Unreviewed

CVE-2025-36853 was published Sep 8, 2025

A vulnerability ( CVE-2024-38229 https://www.cve.org/CVERecord ) exists in EOL ASP.NET when... High Unreviewed

CVE-2025-36854 was published Sep 8, 2025

Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWifiBasicSet function via the... High Unreviewed

CVE-2025-55852 was published Sep 8, 2025

FoxCMS v1.2.5 and before is vulnerable to SQL Injection via the column_model parameter in the app... High Unreviewed

CVE-2025-56630 was published Sep 8, 2025

A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer... High Unreviewed

CVE-2025-4600 was published May 16, 2025

A low-privileged remote attacker could gain unauthorized access to critical resources, such as... High Unreviewed

CVE-2025-41664 was published Sep 8, 2025

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An... High Unreviewed

CVE-2025-41708 was published Sep 8, 2025

An authenticated, low-privileged attacker can obtain credentials stored on the charge controller... High Unreviewed

CVE-2025-41682 was published Sep 8, 2025

Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM... High Unreviewed

CVE-2025-41450 was published May 8, 2025

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52... High Unreviewed

CVE-2025-3067 was published Apr 2, 2025

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local... High Unreviewed

CVE-2025-0032 was published Sep 6, 2025

Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability... High Unreviewed

CVE-2023-31322 was published Sep 6, 2025

Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to... High Unreviewed

CVE-2023-31325 was published Sep 6, 2025

Improper input validation in the system management mode (SMM) could allow a privileged attacker... High Unreviewed

CVE-2024-21947 was published Sep 6, 2025

Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections... High Unreviewed

CVE-2024-36326 was published Sep 6, 2025

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow... High Unreviewed

CVE-2024-36342 was published Sep 6, 2025

Previous 1…12…400 Next

Previous 1 2 … 10 11 12 13 14 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

111,572 advisories