GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,869
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,119
NuGet: 735
pip: 3,941
Pub: 12
RubyGems: 945
Rust: 1,018
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
26,847 advisories

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
Critical | Unreviewed | CVE-2025-58628 was published Sep 5, 2025

BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbson 1.1.7, which has several...
Critical | Unreviewed | CVE-2025-40906 was published May 16, 2025

Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image...
Critical | Unreviewed | CVE-2025-58819 was published Sep 5, 2025

An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port...
Critical | Unreviewed | CVE-2024-52544 was published Dec 3, 2024

A logic vulnerability in the mobile application (com.transsion.applock) can lead to bypassing...
Critical | Unreviewed | CVE-2024-12603 was published Dec 13, 2024

Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of...
Critical | Unreviewed | CVE-2025-1298 was published Feb 14, 2025

Deserialization of Untrusted Data vulnerability in Sitecore Experience Manager (XM), Sitecore...
Critical | Unreviewed | CVE-2025-53690 was published Sep 5, 2025

Azure Bot Service Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-55244 was published Sep 5, 2025

Azure Networking Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-54914 was published Sep 5, 2025

Azure Entra Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2025-55241 was published Sep 5, 2025

RADIUS Protocol under RFC 2865 is susceptible to forgery attacks by a local attacker who can...
Critical | Unreviewed | CVE-2024-3596 was published Jul 9, 2024

In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to block security updates...
Critical | Unreviewed | CVE-2025-48581 was published Sep 4, 2025

Pixar OpenUSD Sdf_PathNode Module Use-After-Free Vulnerability Leading to Potential Remote Code Execution
Critical | GHSA-58p5-r2f6-g2cj was published for usd-core (pip) Sep 4, 2025

Input from search query parameter in GOV CMS is not sanitized properly, leading to a Blind SQL...
Critical | Unreviewed | CVE-2025-7385 was published Sep 4, 2025

In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bounds write due to a missing...
Critical | Unreviewed | CVE-2025-36897 was published Sep 4, 2025

An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input...
Critical | Unreviewed | CVE-2024-45169 was published Aug 22, 2024

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated...
Critical | Unreviewed | CVE-2025-5310 was published Jun 27, 2025

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability...
Critical | Unreviewed | CVE-2025-53693 was published Sep 3, 2025

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote...
Critical | Unreviewed | CVE-2012-10030 was published Aug 5, 2025

utils-extend Prototype Pollution
Critical | CVE-2024-57077 was published for utils-extend (npm) Feb 6, 2025

Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability...
Critical | Unreviewed | CVE-2025-9276 was published Sep 2, 2025

A use-after-free vulnerability exists in the coap_delete_pdu_lkd function within coap_pdu.c of...
Critical | Unreviewed | CVE-2025-50518 was published Aug 14, 2025

In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This...
Critical | Unreviewed | CVE-2022-38692 was published Sep 2, 2025

ProTip! Advisories are also available from the GraphQL API.