Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,583 advisories

Loading
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could... High Unreviewed
CVE-2025-20708 was published Sep 2, 2025
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed
CVE-2025-20704 was published Sep 2, 2025
In BootROM, there is a possible missing validation for Certificate Type 0. This could lead to... High Unreviewed
CVE-2022-38691 was published Sep 2, 2025
In BootRom, there is a possible unchecked write address. This could lead to local escalation of... High Unreviewed
CVE-2022-38694 was published Sep 2, 2025
In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could... High Unreviewed
CVE-2025-20703 was published Sep 2, 2025
In monitor_hang, there is a possible memory corruption due to use after free. This could lead to... High Unreviewed
CVE-2025-20705 was published Sep 2, 2025
In mbrain, there is a possible memory corruption due to use after free. This could lead to local... High Unreviewed
CVE-2025-20706 was published Sep 2, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-47696 was published Aug 31, 2025
Missing Authorization vulnerability in UkrSolution Barcode Scanner with Inventory & Order Manager... High Unreviewed
CVE-2024-32589 was published Aug 31, 2025
A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12... High Unreviewed
CVE-2025-34164 was published Aug 30, 2025
A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12... High Unreviewed
CVE-2025-34165 was published Aug 30, 2025
An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain sensitive information via the... High Unreviewed
CVE-2025-56577 was published Aug 29, 2025
Cross Site Scripting vulnerability in copyparty v.1.9.1 allows a local attacker to execute... High Unreviewed
CVE-2023-41471 was published Aug 29, 2025
Rancher Fleet Helm Values are stored inside BundleDeployment in plain text High
CVE-2024-52284 was published for github.com/rancher/fleet (Go) Aug 29, 2025
gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm High
CVE-2025-58157 was published for github.com/consensys/gnark (Go) Aug 29, 2025
The authenticated remote command execution (RCE) vulnerability exists in the Parental Control... High Unreviewed
CVE-2025-9377 was published Aug 29, 2025
A path traversal vulnerability has been reported to affect VioStor. If a remote attacker gains an... High Unreviewed
CVE-2025-52861 was published Aug 29, 2025
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed
CVE-2025-30278 was published Aug 29, 2025
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-33036 was published Aug 29, 2025
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-33033 was published Aug 29, 2025
An improper certificate validation vulnerability has been reported to affect Qsync Central. If a... High Unreviewed
CVE-2025-30277 was published Aug 29, 2025
An out-of-bounds write vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2025-30273 was published Aug 29, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-30260 was published Aug 29, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... High Unreviewed
CVE-2025-30261 was published Aug 29, 2025
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... High Unreviewed
CVE-2025-33038 was published Aug 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database