Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows... High Unreviewed
CVE-2025-49734 was published Sep 9, 2025
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege... High Unreviewed
CVE-2017-3891 was published May 13, 2022
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an... High Unreviewed
CVE-2025-48807 was published Aug 12, 2025
A vulnerability in the SSH connection handling of Cisco Integrated Management Controller (IMC)... High Unreviewed
CVE-2025-20261 was published Jun 4, 2025
Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private... High Unreviewed
CVE-2018-10596 was published May 13, 2022
CWE-923: Improper Restriction of Communication Channel to Intended Endpoints High Unreviewed
CVE-2025-23178 was published Apr 29, 2025
OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism High
CVE-2016-5362 was published for neutron (pip) May 14, 2022
A improper restriction of communication channel to intended endpoints vulnerability [CWE-923] in... High Unreviewed
CVE-2024-26013 was published Apr 8, 2025
Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Improper Restriction of... High Unreviewed
CVE-2025-29986 was published Apr 8, 2025
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the... High Unreviewed
CVE-2024-47490 was published Oct 11, 2024
The goTenna Pro series does not authenticate public keys which allows an unauthenticated attacker... High Unreviewed
CVE-2024-47125 was published Sep 26, 2024
Multiple Pimax products accept WebSocket connections from unintended endpoints. If this... High Unreviewed
CVE-2024-41889 was published Aug 5, 2024
Mullvad VPN through 2024.1 on Android does not set a DNS server in the blocking state (after a... High Unreviewed
CVE-2024-34446 was published May 3, 2024
In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM... High Unreviewed
CVE-2024-6222 was published Jul 9, 2024
The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be... High Unreviewed
CVE-2024-24974 was published Jul 8, 2024
NVIDIA Jetson contains a vulnerability in CBoot, where the PCIe controller is initialized... High Unreviewed
CVE-2023-25515 was published Jun 23, 2023
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the... High Unreviewed
CVE-2023-28971 was published Apr 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database