Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,752 advisories

Loading
sudo-rs: Partial password reveal is possible after timeout Low
CVE-2025-64170 was published for sudo-rs (Rust) Nov 12, 2025
DevLaTron bjorn3
MggMuggins squell
Credited to DevLaTron, bjorn3, MggMuggins, and squell
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote... Low Unreviewed
CVE-2025-53412 was published Nov 7, 2025
A vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11... Low Unreviewed
CVE-2025-54342 was published Nov 14, 2025
An allocation of resources without limits or throttling vulnerability has been reported to affect... Low Unreviewed
CVE-2025-53411 was published Nov 7, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote... Low Unreviewed
CVE-2025-54168 was published Nov 7, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect File Station 5. If a... Low Unreviewed
CVE-2025-57706 was published Nov 7, 2025
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not... Low Unreviewed
CVE-2020-0656 was published May 24, 2022
An issue was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1... Low Unreviewed
CVE-2025-54559 was published Nov 14, 2025
A Server-side Request Forgery vulnerability was found in the Application Server of Desktop Alert... Low Unreviewed
CVE-2025-54560 was published Nov 14, 2025
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote... Low Unreviewed
CVE-2025-52865 was published Nov 7, 2025
A NULL pointer dereference vulnerability has been reported to affect File Station 5. If a remote... Low Unreviewed
CVE-2025-53408 was published Nov 7, 2025
PrivateBin vulnerable to malicious filename use for self-XSS / HTML injection locally for users Low
CVE-2025-64711 was published for privatebin/privatebin (Composer) Nov 14, 2025
esnard rugk
Ribas160
Credited to esnard, rugk, and Ribas160
An insufficient validation of an untrusted input vulnerability in Palo Alto Networks Prisma®... Low Unreviewed
CVE-2025-4616 was published Nov 14, 2025
An insufficient policy enforcement vulnerability in Palo Alto Networks Prisma® Browser on Windows... Low Unreviewed
CVE-2025-4617 was published Nov 14, 2025
A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The... Low Unreviewed
CVE-2025-58469 was published Nov 7, 2025
Mattermost Incorrect Authorization vulnerability Low
CVE-2025-11777 was published for github.com/mattermost/mattermost (Go) Nov 13, 2025
Keycloak allows access to admin path through flaw Low
CVE-2025-10939 was published for org.keycloak:keycloak-quarkus-server (Maven) Oct 28, 2025
SpiceDB WriteRelationships fails silently if payload is too big Low
CVE-2025-64529 was published for github.com/authzed/spicedb (Go) Nov 13, 2025
Wasmtime provides unsound API access to a WebAssembly shared linear memory Low
CVE-2025-64345 was published for wasmtime (Rust) Nov 12, 2025
Netavark Has Possible DNS Resolve Confusion Low
CVE-2025-8283 was published for netavark (Rust) Jul 28, 2025
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Process Control... Low Unreviewed
CVE-2025-46370 was published Nov 13, 2025
An issue was discovered in PyTorch v2.5 and v2.7.1. Omission of profiler.stop() can cause torch... Low Unreviewed
CVE-2025-63396 was published Nov 12, 2025
EverShop is vulnerable to Unauthorized Order Information Access (IDOR) Low
CVE-2025-12919 was published for @evershop/evershop (npm) Nov 9, 2025
Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve... Low Unreviewed
CVE-2025-12817 was published Nov 13, 2025
Missing Authorization vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows... Low Unreviewed
CVE-2025-64350 was published Oct 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database