Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

177 advisories

Loading
In 2N Access Commander versions 3.1.1.2 and prior, an Insufficient Verification of Data... Moderate Unreviewed
CVE-2024-47254 was published Nov 5, 2024
In 2N Access Commander versions 3.1.1.2 and prior, a local attacker can escalate their privileges... Moderate Unreviewed
CVE-2024-47255 was published Nov 5, 2024
In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to... Moderate Unreviewed
CVE-2025-0092 was published Aug 27, 2025
Picklescan missing detection when calling pytorch function torch.utils._config_module.load_config Moderate
GHSA-vv6j-3g6g-2pvj was published for picklescan (pip) Aug 22, 2025
FredericDT
Picklescan missing detection when calling pytorch function torch.jit.unsupported_tensor_ops.execWrapper Moderate
GHSA-vr7h-p6mm-wpmh was published for picklescan (pip) Aug 22, 2025
FredericDT
Picklescan missing detection when calling pytorch function torch.utils.collect_env.run Moderate
GHSA-f745-w6jp-hpxx was published for picklescan (pip) Aug 22, 2025
FredericDT
Picklescan missing detection when calling pytorch function torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression Moderate
GHSA-f4x7-rfwp-v3xw was published for picklescan (pip) Aug 22, 2025
FredericDT
Picklescan missing detection when calling pytorch function torch._dynamo.guards.GuardBuilder.get Moderate
GHSA-86cj-95qr-2p4f was published for picklescan (pip) Aug 22, 2025
FredericDT
Picklescan missing detection when calling pytorch function torch.utils.bottleneck.__main__.run_cprofile Moderate
GHSA-4r9r-ch6f-vxmx was published for picklescan (pip) Aug 22, 2025
FredericDT
A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected by this issue is the... Moderate Unreviewed
CVE-2025-8980 was published Aug 14, 2025
A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by this vulnerability is the... Moderate Unreviewed
CVE-2025-8979 was published Aug 14, 2025
A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function... Moderate Unreviewed
CVE-2025-8978 was published Aug 14, 2025
Ollama vulnerable to Cross-Domain Token Exposure Moderate
CVE-2025-51471 was published for github.com/ollama/ollama (Go) Jul 22, 2025
A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41.... Moderate Unreviewed
CVE-2025-7884 was published Jul 20, 2025
Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity... Moderate Unreviewed
CVE-2025-5832 was published Jun 26, 2025
Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity... Moderate Unreviewed
CVE-2025-5833 was published Jun 26, 2025
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin Moderate
CVE-2023-48795 was published for golang.org/x/crypto (Go) Dec 18, 2023
TrueSkrillor lambdafu
sugar700 levpachmanov
A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient... Moderate Unreviewed
CVE-2018-10626 was published May 13, 2022
Mithril snapshots for Cardano database could be compromised by an adversary Moderate
GHSA-qv97-5qr8-2266 was published for mithril-client (Rust) May 7, 2025
A logic issue was addressed with improved state management. This issue is fixed in Safari 16.2,... Moderate Unreviewed
CVE-2022-46692 was published Dec 15, 2022
Siemens LOGO! Soft Comfort (All versions before V8.2) lacks integrity verification of software... Moderate Unreviewed
CVE-2017-12740 was published May 13, 2022
Duplicate Advisory: WildFly Elytron OpenID Connect Client Extension authorization code injection attack Moderate
GHSA-4v5x-9m47-cqr2 was published for org.wildfly:wildfly-elytron-oidc-client-subsystem (Maven) Dec 9, 2024 withdrawn
darranl
TP-Link TL-WR940N V4 3.16.9 and earlier allows authenticated attackers to cause a Denial of... Moderate Unreviewed
CVE-2022-46139 was published Dec 20, 2022
An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a... Moderate Unreviewed
CVE-2022-46422 was published Dec 20, 2022
Remote Agent, used in WebDriver, did not validate the Host or Origin headers. This could have... Moderate Unreviewed
CVE-2022-22757 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database