Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

187 advisories

Loading
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer... Moderate Unreviewed
CVE-2025-59820 was published Nov 26, 2025
Inconsistent object size validation in time series processing logic may result in later... High Unreviewed
CVE-2025-13507 was published Nov 25, 2025
The Secure Flag passed to Versal™ Adaptive SoC’s Arm® Trusted Firmware for Cortex®-A processors ... Low Unreviewed
CVE-2025-54515 was published Nov 23, 2025
The security state of the calling processor into Arm® Trusted Firmware (TF-A) is not used and... High Unreviewed
CVE-2025-48507 was published Nov 23, 2025
N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N... Moderate Unreviewed
CVE-2025-9316 was published Nov 12, 2025
Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on... Moderate Unreviewed
CVE-2025-10259 was published Nov 6, 2025
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated... Moderate Unreviewed
CVE-2025-36092 was published Nov 3, 2025
A data corruption vulnerability has been identified in the luksmeta utility when used with the... Moderate Unreviewed
CVE-2025-11568 was published Oct 15, 2025
When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024... High Unreviewed
CVE-2025-61938 was published Oct 15, 2025
In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime... Moderate Unreviewed
CVE-2025-0038 was published Oct 6, 2025
Liferay Portal has Improper Validation of Specified Quantity in Input Moderate
CVE-2025-43793 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Sep 15, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2... High Unreviewed
CVE-2025-2256 was published Sep 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2... Moderate Unreviewed
CVE-2025-10094 was published Sep 12, 2025
Improper Validation of Specified Quantity in Input vulnerability in ThemesGrove WP SmartPay. This... High Unreviewed
CVE-2025-32689 was published Sep 9, 2025
Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged... Moderate Unreviewed
CVE-2024-36346 was published Sep 6, 2025
In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore... Moderate Unreviewed
CVE-2025-39700 was published Sep 5, 2025
Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo allows... Moderate Unreviewed
CVE-2025-58835 was published Sep 5, 2025
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows... High Unreviewed
CVE-2025-5808 was published Aug 29, 2025
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler... High Unreviewed
CVE-2025-8424 was published Aug 26, 2025
An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In... Critical Unreviewed
CVE-2025-55398 was published Aug 22, 2025
Tesla Wall Connector Content-Length Header Improper Input Validation Remote Code Execution... High Unreviewed
CVE-2025-8320 was published Jul 30, 2025
Improper validation of specified quantity in input issue exists in Real-time Bus Tracking System... Moderate Unreviewed
CVE-2025-43881 was published Jul 23, 2025
Incorrect authentication vulnerability in ParkingDoor. Through this vulnerability it is possible... Moderate Unreviewed
CVE-2025-41100 was published Jul 21, 2025
resolv vulnerable to DoS via insufficient DNS domain name length validation Moderate
CVE-2025-24294 was published for resolv (RubyGems) Jul 15, 2025
In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a... Moderate Unreviewed
CVE-2022-50020 was published Jun 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database