Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,667
Maven
5,000+
npm
4,295
NuGet
760
pip
4,073
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

114,468 advisories

Loading
vLLM deserialization vulnerability leading to DoS and potential RCE High
CVE-2025-62164 was published for vllm (pip) Nov 20, 2025
omriaxion russellb
DarkLight1337 ywang96
Credited to omriaxion, russellb, DarkLight1337, and ywang96
An issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit... High Unreviewed
CVE-2025-63807 was published Nov 20, 2025
Quark Cloud Drive v3.23.2 has a DLL Hijacking vulnerability. This vulnerability stems from the... High Unreviewed
CVE-2025-63685 was published Nov 20, 2025
In the Linux kernel, the following vulnerability has been resolved: io_uring: fix use-after-free... High Unreviewed
CVE-2025-38106 was published Jul 3, 2025
The fetch function in file thinkphp\library\think\Template.php in ThinkPHP 5.0.24 allows... High Unreviewed
CVE-2025-63889 was published Nov 20, 2025
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix ECVF vports... High Unreviewed
CVE-2025-38109 was published Jul 3, 2025
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random... High Unreviewed
CVE-2022-50151 was published Jun 18, 2025
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check... High Unreviewed
CVE-2025-38091 was published Jul 2, 2025
In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix buffer... High Unreviewed
CVE-2025-38101 was published Jul 3, 2025
In the Linux kernel, the following vulnerability has been resolved: ath9k: fix use-after-free in... High Unreviewed
CVE-2022-50179 was published Jun 18, 2025
Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized... High Unreviewed
CVE-2025-64655 was published Nov 21, 2025
IBM webMethods Integration 10.11 through 10.11_Core_Fix22, 10.15 through 10.15_Core_Fix22, and 11... High Unreviewed
CVE-2025-36072 was published Nov 21, 2025
Microsoft Defender Portal Spoofing Vulnerability High Unreviewed
CVE-2025-62459 was published Nov 21, 2025
Azure Monitor Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-62207 was published Nov 21, 2025
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed
CVE-2025-48986 was published Nov 20, 2025
Improper input neutralization in the stats-conversions.php script in Revive Adserver 5.5.2 and 6... High Unreviewed
CVE-2025-52668 was published Nov 20, 2025
Nagios Log Server versions prior to 2026R1.0.1 contain an authenticated command injection... High Unreviewed
CVE-2025-34322 was published Nov 17, 2025
An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 -... High Unreviewed
CVE-2025-60738 was published Nov 20, 2025
A vulnerability found in IPRateLimit implementation of FileCodeBox up to 2.2 allows remote... High Unreviewed
CVE-2025-51663 was published Nov 19, 2025
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in... High Unreviewed
CVE-2025-38116 was published Jul 3, 2025
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Protect... High Unreviewed
CVE-2025-38117 was published Jul 3, 2025
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due... High Unreviewed
CVE-2025-34323 was published Nov 17, 2025
In the Linux kernel, the following vulnerability has been resolved: net/mdiobus: Fix potential... High Unreviewed
CVE-2025-38110 was published Jul 3, 2025
Minder does not sandbox http.send in Rego programs High
GHSA-6xvf-4vh9-mw47 was published for github.com/mindersec/minder (Go) Nov 20, 2025
Apache Tomcat Vulnerable to Relative Path Traversal High
CVE-2025-55752 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 27, 2025
aruneko tkwilli94
Credited to aruneko and tkwilli94
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database