Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
42
GitHub Actions
43
Go
3,153
Maven
5,000+
npm
5,000+
NuGet
861
pip
4,451
Pub
12
RubyGems
991
Rust
1,179
Swift
50
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
In multiple functions of MmsProvider.java, there is a possible way to arbitrarily delete files... Critical Unreviewed
CVE-2025-48609 was published Mar 2, 2026
TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the... Critical Unreviewed
CVE-2025-70327 was published Feb 23, 2026
Navidrome affected by Denial of Service and disk exhaustion via oversized `size` parameter in `/rest/getCoverArt` and `/share/img/<token>` endpoints Critical
CVE-2026-25579 was published for github.com/navidrome/navidrome (Go) Feb 4, 2026
yunfachi Credited to yunfachi
The vulnerability exists in BLUVOYIX due to design flaws in the email sending API. An... Critical Unreviewed
CVE-2026-22239 was published Jan 14, 2026
An attacker with access to the system's internal network can cause a denial of service on the... Critical Unreviewed
CVE-2026-22542 was published Jan 7, 2026
The massive sending of ARP requests causes a denial of service on one board of the charger that... Critical Unreviewed
CVE-2026-22540 was published Jan 7, 2026
Denial of service of the web server through specific requests to this protocol Critical Unreviewed
CVE-2025-64388 was published Oct 31, 2025
Hatching Triage Sandbox Windows 10 build 2004 (2025-08-14) and Windows 10 LTSC 2021(2025-08-14)... Critical Unreviewed
CVE-2025-61303 was published Oct 20, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6,... Critical Unreviewed
CVE-2025-43193 was published Jul 30, 2025
A use-after-free issue was addressed with improved memory management. This issue is fixed in... Critical Unreviewed
CVE-2025-30427 was published Apr 1, 2025
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, tvOS... Critical Unreviewed
CVE-2025-24264 was published Apr 1, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4.... Critical Unreviewed
CVE-2025-24269 was published Apr 1, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7... Critical Unreviewed
CVE-2025-24260 was published Apr 1, 2025
A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24247 was published Apr 1, 2025
A memory initialization issue was addressed with improved memory handling. This issue is fixed in... Critical Unreviewed
CVE-2025-24235 was published Apr 1, 2025
This issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-24211 was published Apr 1, 2025
The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.4, macOS... Critical Unreviewed
CVE-2025-24190 was published Apr 1, 2025
An input validation issue was addressed. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS... Critical Unreviewed
CVE-2025-24126 was published Jan 28, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.7... Critical Unreviewed
CVE-2025-24151 was published Jan 28, 2025
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications ... Critical Unreviewed
CVE-2025-21547 was published Jan 21, 2025
The Mirai botnet through 2024-08-19 mishandles simultaneous TCP connections to the CNC (command... Critical Unreviewed
CVE-2024-45163 was published Aug 22, 2024
An issue was discovered in UCI IDOL 2 (aka uciIDOL or IDOL2) through 2.12. Due to improper input... Critical Unreviewed
CVE-2024-45166 was published Aug 22, 2024
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps... Critical Unreviewed
CVE-2024-44083 was published Aug 19, 2024
In the Linux kernel, the following vulnerability has been resolved: clk: bcm: dvp: Assign ->num... Critical Unreviewed
CVE-2024-39462 was published Jun 25, 2024
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix... Critical Unreviewed
CVE-2022-48716 was published Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database