Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,554 advisories

Loading
Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump... High Unreviewed
CVE-2024-45577 was published May 6, 2025
Memory corruption during the FRS UDS generation process. High Unreviewed
CVE-2024-49845 was published May 6, 2025
Memory corruption while triggering commands in the PlayReady Trusted application. High Unreviewed
CVE-2024-49844 was published May 6, 2025
Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape... High Unreviewed
CVE-2024-13943 was published Apr 30, 2025
Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose... High Unreviewed
CVE-2025-30391 was published Apr 30, 2025
Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if... High Unreviewed
CVE-2025-26413 was published Apr 22, 2025
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and... High Unreviewed
CVE-2023-42977 was published Apr 11, 2025
An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks... High Unreviewed
CVE-2025-30649 was published Apr 9, 2025
An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper... High Unreviewed
CVE-2025-30648 was published Apr 9, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause a loss of Confidentiality... High Unreviewed
CVE-2025-2223 was published Apr 9, 2025
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate... High Unreviewed
CVE-2025-29811 was published Apr 8, 2025
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to... High Unreviewed
CVE-2025-27737 was published Apr 8, 2025
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate... High Unreviewed
CVE-2025-27731 was published Apr 8, 2025
Improper input validation in Azure Local allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-27489 was published Apr 8, 2025
Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-26647 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24074 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24058 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24060 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24062 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24073 was published Apr 8, 2025
Signalling in Pexip Infinity 29 through 36.2 before 37.0 has improper input validation that... High Unreviewed
CVE-2025-30080 was published Apr 2, 2025
Pexip Infinity before 35.0 has improper input validation that allows remote attackers to trigger... High Unreviewed
CVE-2024-37917 was published Apr 2, 2025
A YAML deserialization vulnerability was found in the Robot Operating System (ROS) 'dynparam', a... High Unreviewed
CVE-2024-39780 was published Apr 2, 2025
Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52... High Unreviewed
CVE-2025-3068 was published Apr 2, 2025
A validation issue was addressed with improved logic. This issue is fixed in visionOS 2.4, macOS... High Unreviewed
CVE-2025-30471 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database