GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,657
Composer 5,011
Erlang 39
GitHub Actions 38
Go 2,651
Maven 6,108
npm 4,279
NuGet 760
pip 4,066
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,263

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The... High Unreviewed

CVE-2024-32011 was published Nov 11, 2025

A vulnerability exists in SMM (System Management Mode) branch that registers a SWSMI handler that... High Unreviewed

CVE-2021-41841 was published Feb 10, 2022

In the kernel in Insyde InsydeH2O 5.x, certain SMM drivers did not correctly validate the... High Unreviewed

CVE-2021-33626 was published May 24, 2022

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information... Critical Unreviewed

CVE-2024-38476 was published Jul 1, 2024

An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co.... High Unreviewed

CVE-2025-41390 was published Oct 20, 2025

On a client with an admin user, a Global_Shipping script can be implemented. The script could... High Unreviewed

CVE-2025-12509 was published Oct 31, 2025

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a... Critical Unreviewed

CVE-2025-32463 was published Jun 30, 2025

ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an... Critical Unreviewed

CVE-2024-9537 was published Oct 18, 2024

Inclusion of Functionality from Untrusted Control Sphere vulnerability in HCL MyXalytics. v6.6... Low Unreviewed

CVE-2025-52655 was published Oct 10, 2025

Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary... Moderate Unreviewed

CVE-2025-62186 was published Oct 7, 2025

IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11... High Unreviewed

CVE-2025-36355 was published Oct 6, 2025

A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link... High Unreviewed

CVE-2023-49134 was published Apr 9, 2024

A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link... High Unreviewed

CVE-2023-49133 was published Apr 9, 2024

In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic... Moderate Unreviewed

CVE-2025-57729 was published Aug 20, 2025

Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin... High Unreviewed

CVE-2025-8714 was published Aug 14, 2025

Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an... Critical Unreviewed

CVE-2025-0982 was published Feb 6, 2025

Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp.This issue... High Unreviewed

CVE-2025-36727 was published Jul 25, 2025

OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or -... Moderate Unreviewed

CVE-2025-54558 was published Jul 25, 2025

The Secure Password extension in One Identity Password Manager before 5.14.4 allows local... High Unreviewed

CVE-2025-27582 was published Jul 14, 2025

mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by... High Unreviewed

CVE-2025-49809 was published Jul 4, 2025

A flaw was found in Yelp. The Gnome user help application allows the help document to execute... Moderate Unreviewed

CVE-2025-3155 was published Apr 3, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-39507 was published May 16, 2025

Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd... Moderate Unreviewed

CVE-2024-52976 was published May 1, 2025

In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This... Moderate Unreviewed

CVE-2025-33027 was published Apr 15, 2025

In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability... Moderate Unreviewed

CVE-2025-33026 was published Apr 15, 2025

Previous1…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

110 advisories