Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

26,847 advisories

Loading
In FDL1, there is a possible missing payload size check. This could lead to memory buffer... Critical Unreviewed
CVE-2022-38693 was published Sep 2, 2025
In BootRom, there's a possible missing payload size check. This could lead to memory buffer... Critical Unreviewed
CVE-2022-38696 was published Sep 2, 2025
rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/DatasetService path. Critical Unreviewed
CVE-2025-57140 was published Sep 2, 2025
Malicious versions of Nx were published Critical
GHSA-cxm3-wv7p-598c was published for @nx/devkit (npm) Aug 27, 2025
jahredhope tadhglewis
hckhanh TimShilov
Missing Authorization vulnerability in Hamid Alinia Login with phone number.This issue affects... Critical Unreviewed
CVE-2024-32832 was published Aug 31, 2025
Unrestricted Upload of File with Dangerous Type vulnerability in Mojoomla School Management... Critical Unreviewed
CVE-2025-31100 was published Aug 31, 2025
An authentication bypass vulnerability has been identified in the REST and SOAP API components of... Critical Unreviewed
CVE-2024-4332 was published Jun 3, 2024
In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the... Critical Unreviewed
CVE-2025-50428 was published Aug 27, 2025
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ... Critical Unreviewed
CVE-2024-46484 was published Aug 29, 2025
Improper Input Validation vulnerability in Microchip Techology Advanced Software Framework... Critical Unreviewed
CVE-2024-7490 was published Aug 8, 2024
HydrAIDE Authentication Bypass Vulnerability Critical
GHSA-qp7j-x725-g67f was published for github.com/hydraide/hydraide (Go) Aug 19, 2025
yyewolf
Capsule tenant owners with "patch namespace" permission can hijack system namespaces label Critical
CVE-2025-55205 was published for github.com/projectcapsule/capsule (Go) Aug 18, 2025
b0b0haha
PyTorch: `torch.load` with `weights_only=True` leads to remote code execution Critical
CVE-2025-32434 was published for torch (pip) Apr 18, 2025
azraelxuemo hixio-mh
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
SQL injection vulnerability in oa_system oasys v.1.1 allows a remote attacker to execute... Critical Unreviewed
CVE-2025-44033 was published Aug 29, 2025
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing... Critical Unreviewed
CVE-2017-12187 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing... Critical Unreviewed
CVE-2017-12184 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing... Critical Unreviewed
CVE-2017-12183 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension... Critical Unreviewed
CVE-2017-12185 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing... Critical Unreviewed
CVE-2017-12186 was published May 13, 2022
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote... Critical Unreviewed
CVE-2023-30258 was published Jun 23, 2023
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing... Critical Unreviewed
CVE-2017-12180 was published May 13, 2022
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function... Critical Unreviewed
CVE-2017-12177 was published May 13, 2022
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing... Critical Unreviewed
CVE-2017-12182 was published May 13, 2022
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function... Critical Unreviewed
CVE-2017-12178 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database