Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,503
Maven
5,000+
npm
4,148
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

103 advisories

Loading
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... High Unreviewed
CVE-2025-43330 was published Sep 16, 2025
In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM... High Unreviewed
CVE-2025-48522 was published Sep 4, 2025
In showDismissibleKeyguard of KeyguardService.java, there is a possible way to bypass app pinning... High Unreviewed
CVE-2025-32331 was published Sep 4, 2025
In onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the... High Unreviewed
CVE-2025-26444 was published Sep 5, 2025
In multiple locations, there is a possible way to hijack the Launcher app due to a logic error in... High Unreviewed
CVE-2025-0089 was published Sep 4, 2025
In checkPermissions of SafeActivityOptions.java, there is a possible background activity launch... High Unreviewed
CVE-2025-48546 was published Sep 4, 2025
In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without... High Unreviewed
CVE-2025-26443 was published Sep 5, 2025
In multiple functions of LocationProviderManager.java, there is a possible background activity... High Unreviewed
CVE-2025-26458 was published Sep 5, 2025
In executeAppFunction of AppSearchManagerService.java, there is a possible background activity... High Unreviewed
CVE-2025-26464 was published Sep 4, 2025
In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a... High Unreviewed
CVE-2025-48531 was published Sep 4, 2025
In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an... High Unreviewed
CVE-2025-26431 was published Sep 4, 2025
In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of... High Unreviewed
CVE-2025-48534 was published Sep 4, 2025
In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a... High Unreviewed
CVE-2025-26439 was published Sep 4, 2025
In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic... High Unreviewed
CVE-2025-36905 was published Sep 4, 2025
There is a possible escalation of privilege due to a logic error in the code. This could lead to... High Unreviewed
CVE-2025-36898 was published Sep 4, 2025
XSLT document loading did not correctly propagate the source document which bypassed its CSP.... High Unreviewed
CVE-2025-8032 was published Jul 22, 2025
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX... High Unreviewed
CVE-2017-3893 was published May 17, 2022
Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides ... High Unreviewed
CVE-2025-46358 was published Jul 11, 2025
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2025-49740 was published Jul 8, 2025
Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an... High Unreviewed
CVE-2025-47159 was published Jul 8, 2025
Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose... High Unreviewed
CVE-2025-47984 was published Jul 8, 2025
An authenticated attacker can exploit an Server-Side Request Forgery (SSRF) vulnerability in... High Unreviewed
CVE-2025-21384 was published Apr 1, 2025
A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM... High Unreviewed
CVE-2025-41224 was published Jul 8, 2025
ScaleFusion 10.5.2 does not properly limit users to the Edge application because Ctrl-O and Ctrl... High Unreviewed
CVE-2023-51748 was published Jan 11, 2024
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny... High Unreviewed
CVE-2025-32725 was published Jun 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database