GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,122
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,020
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,865 advisories
Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is...
Critical | Unreviewed | CVE-2025-8904 was published Aug 13, 2025

Hyland OnBase versions prior to 17.0.2.87 (other versions may be affected) are vulnerable to...
Critical | Unreviewed | CVE-2025-34153 was published Aug 13, 2025

Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that...
Critical | Unreviewed | CVE-2021-35393 was published May 24, 2022

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection....
Critical | Unreviewed | CVE-2022-1292 was published May 4, 2022

The LatePoint WordPress plugin before 5.1.94 is vulnerable to Local File Inclusion via the...
Critical | Unreviewed | CVE-2025-6715 was published Aug 13, 2025

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent:...
Critical | Unreviewed | CVE-2017-3248 was published May 14, 2022

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability,...
Critical | Unreviewed | CVE-2025-8913 was published Aug 13, 2025

A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function...
Critical | Unreviewed | CVE-2025-8760 was published Aug 13, 2025

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2025-7384 was published Aug 13, 2025

Untrusted search path in certain Zoom Clients for Windows may allow an unauthenticated user to...
Critical | Unreviewed | CVE-2025-49457 was published Aug 13, 2025

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain...
Critical | Unreviewed | CVE-2023-43029 was published Mar 21, 2025

Prototype Pollution in lodash
Critical | CVE-2019-10744 was published for lodash (RubyGems) Jul 10, 2019

ExecuTorch out-of-bounds access vulnerability
Critical | CVE-2025-54950 was published for executorch (pip) Aug 8, 2025

ExecuTorch vulnerable to Heap-based Buffer Overflow
Critical | CVE-2025-54951 was published for executorch (pip) Aug 8, 2025

ExecuTorch heap buffer overflow vulnerability
Critical | CVE-2025-54949 was published for executorch (pip) Aug 8, 2025

ExecuTorch integer overflow vulnerability
Critical | CVE-2025-30405 was published for executorch (pip) Aug 8, 2025

ExecuTorch integer overflow vulnerability
Critical | CVE-2025-30404 was published for executorch (pip) Aug 8, 2025

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a...
Critical | Unreviewed | CVE-2025-53766 was published Aug 12, 2025

Untrusted pointer dereference in Microsoft Graphics Component allows an unauthorized attacker to...
Critical | Unreviewed | CVE-2025-50165 was published Aug 12, 2025

Missing authorization in Remote Desktop Server allows an unauthorized attacker to perform...
Critical | Unreviewed | CVE-2025-50171 was published Aug 12, 2025

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet...
Critical | Unreviewed | CVE-2025-24325 was published Aug 12, 2025

ruby-jwt v3.0.0.beta1 was discovered to contain weak encryption. NOTE: the Supplier's perspective...
Critical | Unreviewed | CVE-2025-45765 was published Aug 7, 2025

An issue was discovered in BMC Control-M 9.0.21.300. When Control-M Server has a database...
Critical | Unreviewed | CVE-2025-48709 was published Aug 7, 2025

A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801,...
Critical | Unreviewed | CVE-2023-24845 was published Aug 8, 2023

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS...
Critical | Unreviewed | CVE-2021-42018 was published Mar 9, 2022
ProTip! Advisories are also available from the GraphQL API.