Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

10,879 advisories

Loading
The Quttera Web Malware Scanner plugin for WordPress is vulnerable to Server-Side Request Forgery... Low Unreviewed
CVE-2025-8013 was published Aug 15, 2025
HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed
CVE-2025-31961 was published Aug 15, 2025
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4... Low Unreviewed
CVE-2025-36613 was published Aug 14, 2025
Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory... Low Unreviewed
CVE-2025-36581 was published Aug 14, 2025
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user... Low Unreviewed
CVE-2025-8713 was published Aug 14, 2025
Netskope is notified about a potential gap in its agent (NS Client) in which a malicious actor... Low Unreviewed
CVE-2025-5941 was published Aug 14, 2025
An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1... Low Unreviewed
CVE-2025-2498 was published Aug 13, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-27707 was published Aug 12, 2025
Improper input validation in the Intel Edger8r Tool for some Intel(R) SGX SDK may allow an... Low Unreviewed
CVE-2025-32004 was published Aug 12, 2025
Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R)... Low Unreviewed
CVE-2025-24840 was published Aug 12, 2025
Uncontrolled resource consumption for some Edge Orchestrator software before version 24.11.1 for... Low Unreviewed
CVE-2025-27576 was published Aug 12, 2025
Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet... Low Unreviewed
CVE-2025-24511 was published Aug 12, 2025
Improper synchronization in the firmware for some Intel(R) TDX may allow a privileged user to... Low Unreviewed
CVE-2025-22853 was published Aug 12, 2025
Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to... Low Unreviewed
CVE-2025-21096 was published Aug 12, 2025
Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series... Low Unreviewed
CVE-2025-24324 was published Aug 12, 2025
Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmware for some Intel(R) TDX... Low Unreviewed
CVE-2025-20613 was published Aug 12, 2025
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V10.0), SIPROTEC... Low Unreviewed
CVE-2025-40570 was published Aug 12, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Low Unreviewed
CVE-2024-41985 was published Aug 12, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Low Unreviewed
CVE-2024-41980 was published Aug 12, 2025
A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... Low Unreviewed
CVE-2024-41984 was published Aug 12, 2025
SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerability due to inadequate... Low Unreviewed
CVE-2025-42941 was published Aug 12, 2025
Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network... Low Unreviewed
CVE-2025-42955 was published Aug 12, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion. Low Unreviewed
CVE-2025-27536 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-27562 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release... Low Unreviewed
CVE-2025-24925 was published Aug 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database