Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

5,014 advisories

Loading
The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, macOS Sonoma... High Unreviewed
CVE-2025-31208 was published May 13, 2025
An input validation issue was addressed by removing the vulnerable code. This issue is fixed in... High Unreviewed
CVE-2025-24274 was published May 13, 2025
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro... High Unreviewed
CVE-2025-4377 was published May 9, 2025
Improper Input Validation, the returnUrl parameter in Account Security Settings lacks proper... High Unreviewed
CVE-2025-40846 was published May 8, 2025
A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS... High Unreviewed
CVE-2025-20154 was published May 7, 2025
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the... High Unreviewed
CVE-2025-21460 was published May 6, 2025
Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump... High Unreviewed
CVE-2024-45577 was published May 6, 2025
Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver... High Unreviewed
CVE-2024-45579 was published May 6, 2025
Memory corruption while triggering commands in the PlayReady Trusted application. High Unreviewed
CVE-2024-49844 was published May 6, 2025
Memory corruption during the FRS UDS generation process. High Unreviewed
CVE-2024-49845 was published May 6, 2025
Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape... High Unreviewed
CVE-2024-13943 was published Apr 30, 2025
Improper input validation in Microsoft Dynamics allows an unauthorized attacker to disclose... High Unreviewed
CVE-2025-30391 was published Apr 30, 2025
Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed High
CVE-2025-22235 was published for org.springframework.boot:spring-boot (Maven) Apr 28, 2025
Improper Input Validation vulnerability in Apache Kvrocks. The SETRANGE command didn't check if... High Unreviewed
CVE-2025-26413 was published Apr 22, 2025
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and... High Unreviewed
CVE-2023-42977 was published Apr 11, 2025
An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks... High Unreviewed
CVE-2025-30649 was published Apr 9, 2025
An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper... High Unreviewed
CVE-2025-30648 was published Apr 9, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause a loss of Confidentiality... High Unreviewed
CVE-2025-2223 was published Apr 9, 2025
Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate... High Unreviewed
CVE-2025-29811 was published Apr 8, 2025
Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to... High Unreviewed
CVE-2025-27737 was published Apr 8, 2025
Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate... High Unreviewed
CVE-2025-27731 was published Apr 8, 2025
Improper input validation in Azure Local allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-27489 was published Apr 8, 2025
Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-26647 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24074 was published Apr 8, 2025
Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24058 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database