Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,575 advisories

Loading
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-9326 was published Sep 2, 2025
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-9328 was published Sep 2, 2025
ATEN eco DC Missing Authorization Privilege Escalation Vulnerability. This vulnerability allows... High Unreviewed
CVE-2025-6685 was published Sep 2, 2025
Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution... High Unreviewed
CVE-2025-7976 was published Sep 2, 2025
There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when... High Unreviewed
CVE-2025-57777 was published Sep 2, 2025
There is an out of bounds write vulnerability due to improper bounds checking resulting in an... High Unreviewed
CVE-2025-57776 was published Sep 2, 2025
There is an out of bounds write vulnerability due to improper bounds checking resulting in an... High Unreviewed
CVE-2025-57778 was published Sep 2, 2025
There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing... High Unreviewed
CVE-2025-57775 was published Sep 2, 2025
There is an out of bounds write vulnerability due to improper bounds checking resulting in... High Unreviewed
CVE-2025-57774 was published Sep 2, 2025
There is a deserialization of untrusted data vulnerability in Digilent DASYLab. This... High Unreviewed
CVE-2025-9188 was published Sep 2, 2025
There is an out of bounds write vulnerability due to improper bounds checking resulting in a... High Unreviewed
CVE-2025-9189 was published Sep 2, 2025
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities,... High Unreviewed
CVE-2025-54599 was published Sep 2, 2025
An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) Null pointer dereference... High Unreviewed
CVE-2025-57612 was published Sep 2, 2025
Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized Pointer Remote Code Execution... High Unreviewed
CVE-2025-9274 was published Sep 2, 2025
Undertow MadeYouReset HTTP/2 DDoS Vulnerability High
CVE-2025-9784 was published for io.undertow:undertow-core (Maven) Sep 2, 2025
In Bouncy Castle JCE Provider ECDSA does not fully validate ASN.1 encoding of signature on verification High
CVE-2016-1000342 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2018
AndrzejBiernacki2010
Protobuf Java vulnerable to Uncontrolled Resource Consumption High
CVE-2022-3510 was published for com.google.protobuf:protobuf-java (Maven) Dec 12, 2022
levpachmanov
Protobuf Java vulnerable to Uncontrolled Resource Consumption High
CVE-2022-3509 was published for com.google.protobuf:protobuf-java (Maven) Dec 12, 2022
levpachmanov
Command Injection via sonarqube-scan-action GitHub Action High
CVE-2025-58178 was published for SonarSource/sonarqube-scan-action (GitHub Actions) Sep 2, 2025
Torbjorn-Svensson
arenavec has multiple memory corruption vulnerabilities in safe APIs High
GHSA-3632-54q8-m96x was published for arenavec (Rust) Sep 2, 2025
PocketMine-MP `ResourcePackDataInfoPacket` amplification vulnerability due to lack of resource pack sequence status checking High
GHSA-fqqv-56h5-f57g was published for pocketmine/pocketmine-mp (Composer) Sep 2, 2025
Zwuiix-cmd dktapps
ESP-IDF web_server basic auth bypass using empty or incomplete Authorization header High
CVE-2025-57808 was published for esphome (pip) Sep 2, 2025
bcat
A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element... High Unreviewed
CVE-2025-9815 was published Sep 2, 2025
In Modem, there is a possible out of bounds write due to an incorrect bounds check. This could... High Unreviewed
CVE-2025-20708 was published Sep 2, 2025
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead... High Unreviewed
CVE-2025-20704 was published Sep 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database