GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

126,633 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Silicon Labs Gecko OS DNS Response Processing Infinite Loop Denial-of-Service Vulnerability. This... Moderate Unreviewed

CVE-2025-2838 was published Mar 27, 2025

Local privilege escalation due to a binary hijacking vulnerability. The following products are... Moderate Unreviewed

CVE-2025-30407 was published Mar 27, 2025

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform... Moderate Unreviewed

CVE-2025-20226 was published Mar 27, 2025

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform... Moderate Unreviewed

CVE-2025-20227 was published Mar 27, 2025

In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2025-20232 was published Mar 27, 2025

In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions... Moderate Unreviewed

CVE-2025-20228 was published Mar 27, 2025

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have... Moderate Unreviewed

CVE-2024-55965 was published Mar 26, 2025

A cross-site scripting (XSS) vulnerability in ScriptCase before v1.0.003 - Build 3 allows... Moderate Unreviewed

CVE-2025-29322 was published Mar 26, 2025

Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows... Moderate Unreviewed

CVE-2025-2600 was published Mar 26, 2025

Client side access control bypass in the permission component in Devolutions Remote Desktop... Moderate Unreviewed

CVE-2025-2499 was published Mar 26, 2025

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows... Moderate Unreviewed

CVE-2025-2562 was published Mar 26, 2025

An issue in Arris NVG443B 9.3.0h3d36 allows a physically proximate attacker to execute arbitrary... Moderate Unreviewed

CVE-2024-41643 was published Mar 26, 2025

There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due... Moderate Unreviewed

CVE-2025-2819 was published Mar 26, 2025

An authenticated attacker can compromise the availability of the device via the network Moderate Unreviewed

CVE-2025-2820 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-28885 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26747 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26922 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26929 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26923 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26869 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26739 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26559 was published Mar 26, 2025

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed

CVE-2025-26537 was published Mar 26, 2025

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin... Moderate Unreviewed

CVE-2025-2228 was published Mar 26, 2025

IBM Cognos Controller 11.0.0 through 11.1.0 is vulnerable to a Client-Side Desync (CSD) attack... Moderate Unreviewed

CVE-2022-39163 was published Mar 26, 2025

Previous 1…397…400 Next

Previous 1 2 … 395 396 397 398 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

126,633 advisories