Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance. High Unreviewed
CVE-2025-15311 was published Feb 5, 2026
Improper neutralization of escape, meta, or control sequences in Copilot allows an unauthorized... High Unreviewed
CVE-2026-21521 was published Jan 23, 2026
Insufficient escaping of user-supplied data in mod_ssl in Apache HTTP Server 2.4.63 and earlier... High Unreviewed
CVE-2024-47252 was published Jul 10, 2025
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow an authenticated user to execute... High Unreviewed
CVE-2025-0975 was published Feb 28, 2025
RARLAB WinRAR before 7.00, on Windows, allows attackers to spoof the screen output via ANSI... High Unreviewed
CVE-2024-36052 was published May 21, 2024
RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen... High Unreviewed
CVE-2024-33899 was published Apr 29, 2024
Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping High
CVE-2024-27936 was published for deno (Rust) Mar 5, 2024
Ry0taK Credited to Ry0taK and westonsteimel westonsteimel westonsteimel
Shescape on Windows escaping may be bypassed in threaded context High
CVE-2023-40185 was published for shescape (npm) Aug 22, 2023
Interactive `run` permission prompt spoofing via improper ANSI neutralization High
CVE-2023-28446 was published for deno (Rust) Mar 24, 2023
tristan-f-r Credited to tristan-f-r
** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0... High Unreviewed
CVE-2021-25310 was published May 24, 2022
An information disclosure and remote code execution vulnerability in the slinger web server of... High Unreviewed
CVE-2020-6932 was published May 24, 2022
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window... High Unreviewed
CVE-2003-0063 was published Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database