Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,428 advisories

Loading
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through out-of-bounds... Low Unreviewed
CVE-2025-23235 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type... Low Unreviewed
CVE-2025-20063 was published Jun 8, 2025
SpiceDB checks involving relations with caveats can result in no permission when permission is expected Low
CVE-2025-49011 was published for github.com/authzed/spicedb (Go) Jun 6, 2025
miparnisari
An out-of-bounds read vulnerability has been reported to affect File Station 5. If a local ... Low Unreviewed
CVE-2025-29871 was published Jun 6, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If... Low Unreviewed
CVE-2024-50406 was published Jun 6, 2025
A use of externally-controlled format string vulnerability has been reported to affect Qsync... Low Unreviewed
CVE-2025-22482 was published Jun 6, 2025
A command injection vulnerability has been reported to affect QHora. If an attacker gains local... Low Unreviewed
CVE-2024-13087 was published Jun 6, 2025
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic.... Low Unreviewed
CVE-2025-5715 was published Jun 6, 2025
A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the... Low Unreviewed
CVE-2025-5647 was published Jun 5, 2025
A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is... Low Unreviewed
CVE-2025-5648 was published Jun 5, 2025
A vulnerability has been found in Radare2 5.9.9 and classified as problematic. This vulnerability... Low Unreviewed
CVE-2025-5646 was published Jun 5, 2025
A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects... Low Unreviewed
CVE-2025-5645 was published Jun 5, 2025
A vulnerability, which was classified as problematic, has been found in Radare2 5.9.9. Affected... Low Unreviewed
CVE-2025-5644 was published Jun 5, 2025
A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects... Low Unreviewed
CVE-2025-5641 was published Jun 5, 2025
A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the... Low Unreviewed
CVE-2025-5642 was published Jun 5, 2025
A vulnerability classified as problematic was found in Radare2 5.9.9. Affected by this... Low Unreviewed
CVE-2025-5643 was published Jun 5, 2025
anon-vec lacks sufficient checks in public API Low
GHSA-pr59-jjr4-gcf6 was published for anon-vec (Rust) Jun 5, 2025
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an... Low Unreviewed
CVE-2025-20277 was published Jun 4, 2025
A vulnerability in the web-based management interface of Cisco Unified CCX could allow an... Low Unreviewed
CVE-2025-20276 was published Jun 4, 2025
setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev->size ... Low Unreviewed
CVE-2025-49112 was published Jun 2, 2025
Mattermost fails to properly enforce access control restrictions for System Manager roles Low
CVE-2025-3611 was published for github.com/mattermost/mattermost/server/v8 (Go) May 30, 2025
Mattermost fails to properly enforce access controls for guest users Low
CVE-2025-1792 was published for github.com/mattermost/mattermost/server/v8 (Go) May 30, 2025
Apache Tomcat - CGI security constraint bypass Low
CVE-2025-46701 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 29, 2025
Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution Low
CVE-2025-5321 was published for aim (pip) May 29, 2025
Gradio CORS Origin Validation Bypass Vulnerability Low
CVE-2025-5320 was published for gradio (pip) May 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database