Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,491
Maven
5,000+
npm
4,114
NuGet
735
pip
3,934
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,844 advisories

Loading
In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the... Critical Unreviewed
CVE-2025-50428 was published Aug 27, 2025
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ... Critical Unreviewed
CVE-2024-46484 was published Aug 29, 2025
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework... Critical Unreviewed
CVE-2024-7490 was published Aug 8, 2024
HydrAIDE Authentication Bypass Vulnerability Critical
GHSA-qp7j-x725-g67f was published for github.com/hydraide/hydraide (Go) Aug 19, 2025
yyewolf
Capsule tenant owners with "patch namespace" permission can hijack system namespaces label Critical
CVE-2025-55205 was published for github.com/projectcapsule/capsule (Go) Aug 18, 2025
b0b0haha
PyTorch: `torch.load` with `weights_only=True` leads to remote code execution Critical
CVE-2025-32434 was published for torch (pip) Apr 18, 2025
azraelxuemo hixio-mh
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-44033 was published Aug 29, 2025
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing... Critical Unreviewed
CVE-2017-12187 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing... Critical Unreviewed
CVE-2017-12184 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension... Critical Unreviewed
CVE-2017-12185 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing... Critical Unreviewed
CVE-2017-12183 was published May 13, 2022
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote... Critical Unreviewed
CVE-2023-30258 was published Jun 23, 2023
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing... Critical Unreviewed
CVE-2017-12186 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing... Critical Unreviewed
CVE-2017-12181 was published May 13, 2022
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S... Critical Unreviewed
CVE-2017-12179 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing... Critical Unreviewed
CVE-2017-12182 was published May 13, 2022
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function... Critical Unreviewed
CVE-2017-12178 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection... Critical Unreviewed
CVE-2017-12176 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing... Critical Unreviewed
CVE-2017-12180 was published May 13, 2022
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function... Critical Unreviewed
CVE-2017-12177 was published May 13, 2022
Clinic Image System developed by Changing contains hard-coded Credentials, allowing... Critical Unreviewed
CVE-2025-8857 was published Aug 29, 2025
TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2025-8861 was published Aug 29, 2025
, aka 'Hyper-V Remote Code Execution Vulnerability'. Critical Unreviewed
CVE-2020-17095 was published May 24, 2022
, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2020-17142 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database