Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,868 advisories

Loading
ExecuTorch heap buffer overflow vulnerability Critical
CVE-2025-54949 was published for executorch (pip) Aug 8, 2025
ExecuTorch out-of-bounds access vulnerability Critical
CVE-2025-54950 was published for executorch (pip) Aug 8, 2025
ExecuTorch vulnerable to Heap-based Buffer Overflow Critical
CVE-2025-54951 was published for executorch (pip) Aug 8, 2025
ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective... Critical Unreviewed
CVE-2025-45765 was published Aug 7, 2025
An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database... Critical Unreviewed
CVE-2025-48709 was published Aug 7, 2025
Azure Portal Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-53792 was published Aug 7, 2025
Azure OpenAI Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-53767 was published Aug 7, 2025
FoxCMS <=v1.2.5 is vulnerable to Code Execution in admin/template_file/editFile.html. Critical Unreviewed
CVE-2025-50692 was published Aug 7, 2025
JWE is missing AES-GCM authentication tag validation in encrypted JWE Critical
CVE-2025-54887 was published for jwe (RubyGems) Aug 7, 2025
Sideni
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41527 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in... Critical Unreviewed
CVE-2023-41528 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41525 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain multiple SQL injection vulnerabilities in... Critical Unreviewed
CVE-2023-41526 was published Aug 7, 2025
Hospital Management System v4 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2023-41530 was published Aug 7, 2025
A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on... Critical Unreviewed
CVE-2025-34151 was published Aug 7, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed
CVE-2025-34152 was published Aug 7, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed
CVE-2025-34148 was published Aug 7, 2025
A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model... Critical Unreviewed
CVE-2025-34149 was published Aug 7, 2025
The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02... Critical Unreviewed
CVE-2025-34150 was published Aug 7, 2025
Tigo Energy's Cloud Connect Advanced (CCA) device contains hard-coded credentials that allow... Critical Unreviewed
CVE-2025-7768 was published Aug 6, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Once access is gained either... Critical Unreviewed
CVE-2025-30127 was published Aug 6, 2025
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker... Critical Unreviewed
CVE-2025-23317 was published Aug 6, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker... Critical Unreviewed
CVE-2025-23310 was published Aug 6, 2025
NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a stack... Critical Unreviewed
CVE-2025-23311 was published Aug 6, 2025
CL4/6NX Plus and CL4/6NX-J Plus (Japan model) with the firmware versions prior to 1.15.5-r1 allow... Critical Unreviewed
CVE-2025-22470 was published Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database