GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,154
NuGet: 736
pip: 3,953
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
270,186 advisories

A SQL injection vulnerability exists in OS4Ed Open Source Information System Community v8.0 via...
Critical | Unreviewed | CVE-2021-41691 was published Jun 26, 2025

Improper Restriction of Excessive Authentication Attempts vulnerability in Art-in Bilişim...
Critical | Unreviewed | CVE-2025-4383 was published Jun 26, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an...
High | Unreviewed | CVE-2025-23264 was published Jun 26, 2025

NVIDIA Megatron-LM for all platforms contains a vulnerability in a python component where an...
High | Unreviewed | CVE-2025-23265 was published Jun 26, 2025

A vulnerability classified as problematic was found in code-projects School Fees Payment System 1...
Moderate | Unreviewed | CVE-2025-6569 was published Jun 26, 2025

A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle...
Moderate | Unreviewed | CVE-2025-5318 was published Jun 26, 2025

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2...
Critical | Unreviewed | CVE-2025-32975 was published Jun 26, 2025

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3...
High | Unreviewed | CVE-2025-27827 was published Jun 26, 2025

A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been declared as critical. This...
Moderate | Unreviewed | CVE-2025-6566 was published Jun 26, 2025

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2...
High | Unreviewed | CVE-2025-32976 was published Jun 26, 2025

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2...
Critical | Unreviewed | CVE-2025-32977 was published Jun 26, 2025

Incorrect Permission Assignment for Critical Resource in the TeamViewer Client (Full and Host) of...
High | Unreviewed | CVE-2025-36537 was published Jun 26, 2025

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4,...
High | Unreviewed | CVE-2025-27828 was published Jun 26, 2025

Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2...
High | Unreviewed | CVE-2025-32978 was published Jun 26, 2025

If a user saved a response from the Network tab in Devtools using the Save As context menu option...
High | Unreviewed | CVE-2025-6435 was published Jun 26, 2025

When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when...
High | Unreviewed | CVE-2025-6432 was published Jun 26, 2025

If a user visited a webpage with an invalid TLS certificate, and granted an exception, the...
Critical | Unreviewed | CVE-2025-6433 was published Jun 26, 2025

A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been classified as critical. This...
High | Unreviewed | CVE-2025-6565 was published Jun 26, 2025

When a link can be opened in an external application, Firefox for Android will, by default,...
Moderate | Unreviewed | CVE-2025-6431 was published Jun 26, 2025

The exception page for the HTTPS-Only feature, displayed when a website is opened via HTTP,...
Moderate | Unreviewed | CVE-2025-6434 was published Jun 26, 2025

A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability...
Critical | Unreviewed | CVE-2025-6424 was published Jun 26, 2025

An attacker who enumerated resources from the WebCompat extension could have obtained a...
Moderate | Unreviewed | CVE-2025-6425 was published Jun 26, 2025

When a file download is specified via the `Content-Disposition` header, that directive would be...
Moderate | Unreviewed | CVE-2025-6430 was published Jun 26, 2025

An attacker was able to bypass the `connect-src` directive of a Content Security Policy by...
Critical | Unreviewed | CVE-2025-6427 was published Jun 26, 2025

When a URL was provided in a link querystring parameter, Firefox for Android would follow that...
Moderate | Unreviewed | CVE-2025-6428 was published Jun 26, 2025

ProTip! Advisories are also available from the GraphQL API.