Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

20 advisories

Loading
An acceptance of extraneous untrusted data with trusted data vulnerability has been identified in... Low Unreviewed
CVE-2025-1680 was published Oct 23, 2025
Under certain circumstances, BIND is too lenient when accepting records from answers, allowing an... High Unreviewed
CVE-2025-40778 was published Oct 22, 2025
NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack... Moderate Unreviewed
CVE-2025-11411 was published Oct 22, 2025
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Cache Poisoning in... Moderate Unreviewed
CVE-2025-11703 was published Oct 18, 2025
A multi-vendor cache poisoning vulnerability named 'Rebirthday Attack' has been discovered in... High Unreviewed
CVE-2025-5994 was published Jul 16, 2025
A `named` caching resolver that is configured to send ECS (EDNS Client Subnet) options may be... High Unreviewed
CVE-2025-40776 was published Jul 16, 2025
Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an... Moderate Unreviewed
CVE-2025-48804 was published Jul 8, 2025
A vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated,... Moderate Unreviewed
CVE-2025-20255 was published May 21, 2025
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized... High Unreviewed
CVE-2025-29842 was published May 13, 2025
Improper input validation in Microsoft Office Word allows an unauthorized attacker to bypass a... High Unreviewed
CVE-2025-29816 was published Apr 8, 2025
In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via... Moderate Unreviewed
CVE-2024-52555 was published Nov 15, 2024
The pagination class includes arbitrary parameters in links, leading to cache poisoning attack... Moderate Unreviewed
CVE-2024-27185 was published Aug 20, 2024
Acceptance of extraneous untrusted data with trusted data vulnerability exists in EC-CUBE 4... High Unreviewed
CVE-2024-41924 was published Jul 30, 2024
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21094 was published Apr 17, 2024
Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5... Moderate Unreviewed
CVE-2024-3367 was published Apr 16, 2024
In JetBrains IntelliJ IDEA before 2023.3.2 code execution was possible in Untrusted Project mode... Moderate Unreviewed
CVE-2023-51655 was published Dec 21, 2023
A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE... High Unreviewed
CVE-2023-44317 was published Nov 14, 2023
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation. Moderate Unreviewed
CVE-2023-3749 was published Aug 3, 2023
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where... Low Unreviewed
CVE-2020-10751 was published May 24, 2022
A vulnerability exists in the way that iTerm2 integrates with tmux's control mode, which may... Critical Unreviewed
CVE-2019-9535 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database