Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,541 advisories

Loading
Substance3D - Viewer versions 0.25.1 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2025-54244 was published Sep 9, 2025
OS Command ('OS Command Injection') vulnerability in Calix GigaCenter ONT (Quantenna SoC modules)... High Unreviewed
CVE-2025-54084 was published Sep 9, 2025
Substance3D - Viewer versions 0.25.1 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-54245 was published Sep 9, 2025
Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue... High Unreviewed
CVE-2025-7635 was published Sep 9, 2025
A security vulnerability has been detected in UTT 1200GW up to 3.0.0-170831. This affects the... High Unreviewed
CVE-2025-10170 was published Sep 9, 2025
A weakness has been identified in UTT 1200GW up to 3.0.0-170831. Affected by this issue is some... High Unreviewed
CVE-2025-10169 was published Sep 9, 2025
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to gain access to a... High Unreviewed
CVE-2025-23342 was published Sep 9, 2025
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to... High Unreviewed
CVE-2025-23343 was published Sep 9, 2025
A vulnerability in the Poly Lens Desktop application running on the Windows platform might allow... High Unreviewed
CVE-2025-43491 was published Sep 9, 2025
Acrobat Reader versions 24.001.30254, 20.005.30774, 25.001.20672 and earlier are affected by a... High Unreviewed
CVE-2025-54257 was published Sep 9, 2025
The NVIDIA NVDebug tool contains a vulnerability that may allow an actor to run code on the... High Unreviewed
CVE-2025-23344 was published Sep 9, 2025
Excessive Privileges vulnerability in Calix GigaCenter ONT (Broadcom SoC modules) allows... High Unreviewed
CVE-2025-53914 was published Sep 9, 2025
Excessive Privileges vulnerability in Calix GigaCenter ONT (Quantenna SoC modules) allows... High Unreviewed
CVE-2025-53913 was published Sep 9, 2025
CWE-798 Use of Hard-coded Credentials High Unreviewed
CVE-2025-55047 was published Sep 9, 2025
A command injection vulnerability in Brocade Fabric OS before 9.2.0c, and 9.2.1 through 9.2.1a on... High Unreviewed
CVE-2024-7517 was published Sep 9, 2025
Premiere Pro versions 25.3, 24.6.5 and earlier are affected by a Use After Free vulnerability... High Unreviewed
CVE-2025-54242 was published Sep 9, 2025
Dreamweaver Desktop versions 21.5 and earlier are affected by a Cross-Site Request Forgery (CSRF)... High Unreviewed
CVE-2025-54256 was published Sep 9, 2025
Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability by chaining two flaws: an... High Unreviewed
CVE-2024-13986 was published Aug 28, 2025
Monai: Unsafe use of Pickle deserialization may lead to RCE High
CVE-2025-58757 was published for monai (pip) Sep 9, 2025
h3rrr
MONAI: Unsafe torch usage may lead to arbitrary code execution High
CVE-2025-58756 was published for monai (pip) Sep 9, 2025
h3rrr
MONAI does not prevent path traversal, potentially leading to arbitrary file writes High
CVE-2025-58755 was published for monai (pip) Sep 9, 2025
h3rrr
Maho is Vulnerable to Authenticated Remote Code Execution via File Upload High
CVE-2025-58449 was published for mahocommerce/maho (Composer) Sep 9, 2025
d-xuan
Cattown is Vulnerable to Uncontrolled Resource Consumption through Inefficient Regular Expression Complexity High
CVE-2025-58451 was published for cattown (npm) Sep 9, 2025
TYPO3 Workspaces Module Information Disclosure High
CVE-2025-59018 was published for typo3/cms-workspaces (Composer) Sep 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-59008 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database