Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,667
Maven
5,000+
npm
4,295
NuGet
760
pip
4,073
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

114,468 advisories

Loading
Lite XL versions 2.1.8 and prior contain a vulnerability in the system.exec function, which... High Unreviewed
CVE-2025-12121 was published Nov 20, 2025
Lite XL versions 2.1.8 and prior automatically execute the .lite_project.lua file when opening a... High Unreviewed
CVE-2025-12120 was published Nov 20, 2025
A path Traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes... High Unreviewed
CVE-2025-51661 was published Nov 19, 2025
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized... High Unreviewed
CVE-2025-59512 was published Nov 11, 2025
Denial-of-service condition in M-Files Server versions before 25.11.15392.1 allows an... High Unreviewed
CVE-2025-11681 was published Nov 17, 2025
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled... High Unreviewed
CVE-2025-8941 was published Aug 13, 2025
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix oops in write... High Unreviewed
CVE-2025-38139 was published Jul 3, 2025
In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after... High Unreviewed
CVE-2025-38129 was published Jul 3, 2025
A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums.... High Unreviewed
CVE-2024-12085 was published Jan 14, 2025
In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel... High Unreviewed
CVE-2025-38137 was published Jul 3, 2025
In the Linux kernel, the following vulnerability has been resolved: dm: fix dm_blk_report_zones ... High Unreviewed
CVE-2025-38141 was published Jul 3, 2025
The affected product allows unauthenticated access to Real Time Streaming Protocol (RTSP)... High Unreviewed
CVE-2025-62674 was published Nov 20, 2025
Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users... High Unreviewed
CVE-2025-52670 was published Nov 20, 2025
The affected products allow unauthenticated access to Open Network Video Interface Forum (ONVIF)... High Unreviewed
CVE-2025-64770 was published Nov 20, 2025
In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple... High Unreviewed
CVE-2025-38172 was published Jul 3, 2025
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that... High Unreviewed
CVE-2025-7425 was published Jul 10, 2025
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad4851: fix ad4858... High Unreviewed
CVE-2025-38133 was published Jul 3, 2025
authkit-nextjs may let session cookies be cached in CDNs High
CVE-2025-64762 was published for @workos-inc/authkit-nextjs (npm) Nov 20, 2025
@anthropic-ai/claude-code has Sed Command Validation Bypass that Allows Arbitrary File Writes High
CVE-2025-64755 was published for @anthropic-ai/claude-code (npm) Nov 20, 2025
vLLM vulnerable to DoS with incorrect shape of multimodal embedding inputs High
CVE-2025-62372 was published for vllm (pip) Nov 20, 2025
DarkLight1337 ywang96
Isotr0py russellb
Credited to DarkLight1337, ywang96, Isotr0py, and russellb
Mattermost Server is vulnerable to a Denial of Service attack through `invite_people` command High
CVE-2018-21258 was published for github.com/mattermost/mattermost-server (Go) May 24, 2022
vLLM deserialization vulnerability leading to DoS and potential RCE High
CVE-2025-62164 was published for vllm (pip) Nov 20, 2025
omriaxion russellb
ywang96
Credited to omriaxion, russellb, and ywang96
angular Prototype Pollution vulnerability High
CVE-2019-10768 was published for angular (npm) Nov 20, 2019
A vulnerability was detected in Tenda CH22 1.0.0.1. Affected is the function formWrlExtraGet of... High Unreviewed
CVE-2025-13400 was published Nov 19, 2025
An issue was discovered in bridgetech probes VB220 IP Network Probe,VB120 Embedded IP + RF Probe,... High Unreviewed
CVE-2025-63205 was published Nov 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database