Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

322 advisories

Loading
Picklescan Bypass is Possible via File Extension Mismatch High
GHSA-jgw4-cr84-mqxg was published for picklescan (pip) Sep 10, 2025
Picklescan: ZIP archive scan bypass is possible through non-exhaustive Cyclic Redundancy Check High
GHSA-mjqp-26hc-grxg was published for picklescan (pip) Sep 10, 2025
Picklescan is Vulnerable to Unsafe Globals Check Bypass through Subclass Imports High
GHSA-f7qq-56ww-84cr was published for picklescan (pip) Sep 10, 2025
davcohen
Protection mechanism failure in Windows MapUrlToZone allows an unauthorized attacker to bypass a... Moderate Unreviewed
CVE-2025-54917 was published Sep 9, 2025
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control... Critical Unreviewed
CVE-2025-59033 was published Sep 8, 2025
In onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the... High Unreviewed
CVE-2025-26444 was published Sep 5, 2025
In multiple functions of LocationProviderManager.java, there is a possible background activity... High Unreviewed
CVE-2025-26458 was published Sep 5, 2025
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without... High Unreviewed
CVE-2025-26443 was published Sep 5, 2025
In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an... High Unreviewed
CVE-2025-26431 was published Sep 4, 2025
In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a... High Unreviewed
CVE-2025-26439 was published Sep 4, 2025
In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a... High Unreviewed
CVE-2025-48531 was published Sep 4, 2025
In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM... High Unreviewed
CVE-2025-48522 was published Sep 4, 2025
In handlePackagesChanged of DevicePolicyManagerService.java, there is a possible persistent... Moderate Unreviewed
CVE-2025-48554 was published Sep 4, 2025
In checkPermissions of SafeActivityOptions.java, there is a possible background activity launch... High Unreviewed
CVE-2025-48546 was published Sep 4, 2025
In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of... High Unreviewed
CVE-2025-48534 was published Sep 4, 2025
In executeAppFunction of AppSearchManagerService.java, there is a possible background activity... High Unreviewed
CVE-2025-26464 was published Sep 4, 2025
In showDismissibleKeyguard of KeyguardService.java, there is a possible way to bypass app pinning... High Unreviewed
CVE-2025-32331 was published Sep 4, 2025
In multiple locations, there is a possible way to hijack the Launcher app due to a logic error in... High Unreviewed
CVE-2025-0089 was published Sep 4, 2025
In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic... High Unreviewed
CVE-2025-36905 was published Sep 4, 2025
There is a possible escalation of privilege due to a logic error in the code. This could lead to... High Unreviewed
CVE-2025-36898 was published Sep 4, 2025
A vulnerability in the REST API endpoints of Cisco Nexus Dashboard and Cisco Nexus Dashboard... Moderate Unreviewed
CVE-2025-20347 was published Aug 27, 2025
Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure... Critical Unreviewed
CVE-2025-43728 was published Aug 27, 2025
Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the... Critical Unreviewed
CVE-2025-54143 was published Aug 19, 2025
Protection mechanism failure in the Intel(R) Graphics Driver for the Intel(R) Arc(TM) B-Series... Moderate Unreviewed
CVE-2025-24835 was published Aug 12, 2025
Protection mechanism failure for some Edge Orchestrator software before version 24.11.1 for Intel... Moderate Unreviewed
CVE-2025-24523 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database