Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,554 advisories

Loading
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via... High Unreviewed
CVE-2025-56404 was published Sep 10, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input... High Unreviewed
CVE-2025-54248 was published Sep 9, 2025
Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could... High Unreviewed
CVE-2023-32701 was published Nov 14, 2023
A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules,... High Unreviewed
CVE-2025-8007 was published Sep 9, 2025
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an... High Unreviewed
CVE-2021-37150 was published Aug 11, 2022
In shouldAllowFgsWhileInUsePermissionLocked of ActiveServices.java, there is a possible way to... High Unreviewed
CVE-2022-20356 was published Aug 11, 2022
A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer... High Unreviewed
CVE-2025-4600 was published May 16, 2025
Improper input validation in the system management mode (SMM) could allow a privileged attacker... High Unreviewed
CVE-2024-21947 was published Sep 6, 2025
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow... High Unreviewed
CVE-2024-36342 was published Sep 6, 2025
Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker... High Unreviewed
CVE-2024-36354 was published Sep 6, 2025
In getCallingAppName of Shared.java, there is a possible way to trick users into granting file... High Unreviewed
CVE-2025-32323 was published Sep 4, 2025
Velocidex WinPmem versions below 4.1 suffer from an Improper Input Validation vulnerability... High Unreviewed
CVE-2024-10972 was published Dec 16, 2024
In multiple methods of NotificationChannel.java, there is a possible desynchronization from... High Unreviewed
CVE-2025-48556 was published Sep 4, 2025
In multiple locations, there is a possible way to persistently DoS the device due to improper... High Unreviewed
CVE-2025-48537 was published Sep 4, 2025
In onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user... High Unreviewed
CVE-2025-48541 was published Sep 4, 2025
In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a... High Unreviewed
CVE-2025-32322 was published Sep 4, 2025
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-56190 was published Sep 4, 2025
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... High Unreviewed
CVE-2024-3646 was published Apr 19, 2024
, aka 'Microsoft SharePoint Spoofing Vulnerability'. High Unreviewed
CVE-2020-17115 was published May 24, 2022
O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the... High Unreviewed
CVE-2024-37777 was published Aug 27, 2025
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport... High Unreviewed
CVE-2023-0881 was published Mar 31, 2025
An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system... High Unreviewed
CVE-2025-50674 was published Aug 22, 2025
An improper input validation vulnerability was discovered in the NTP server configuration field... High Unreviewed
CVE-2025-22495 was published Feb 24, 2025
Local Root Exploit via Configuration Dictionary in dnf5daemon-server before 5.1.17 allows a... High Unreviewed
CVE-2024-1929 was published May 8, 2024
An ActiveX control in GenLaunch.htm in ICONICS GENESIS32 8.0, 8.02, 8.04, and 8.05 allows remote... High Unreviewed
CVE-2014-0758 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database