Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,262
NuGet
760
pip
4,058
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

12,721 advisories

Loading
Wasmtime provides unsound API access to a WebAssembly shared linear memory Low
CVE-2025-64345 was published for wasmtime (Rust) Nov 12, 2025
sudo-rs: Partial password reveal is possible after timeout Low
CVE-2025-64170 was published for sudo-rs (Rust) Nov 12, 2025
DevLaTron bjorn3
MggMuggins squell
Credited to DevLaTron, bjorn3, MggMuggins, and squell
changedetection.io: Stored XSS in Watch update via API Low
CVE-2025-62780 was published for changedetection.io (pip) Nov 12, 2025
edoardottt
Credited to edoardottt
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform... Low Unreviewed
CVE-2025-20379 was published Nov 12, 2025
In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform... Low Unreviewed
CVE-2025-20378 was published Nov 12, 2025
When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the... Low Unreviewed
CVE-2025-3717 was published Nov 11, 2025
When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the... Low Unreviewed
CVE-2025-41116 was published Nov 11, 2025
Improper access control for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User... Low Unreviewed
CVE-2025-32037 was published Nov 11, 2025
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within... Low Unreviewed
CVE-2025-24314 was published Nov 11, 2025
Improper input validation in some firmware for some Intel(R) Graphics Drivers and Intel LTS... Low Unreviewed
CVE-2025-25216 was published Nov 11, 2025
Improper neutralization for some Intel(R) Neural Compressor software before version v3.4 within... Low Unreviewed
CVE-2025-27712 was published Nov 11, 2025
Unrestricted upload of file with dangerous type for some Intel(R) CIP software before version... Low Unreviewed
CVE-2025-24862 was published Nov 11, 2025
Improper privilege management for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001... Low Unreviewed
CVE-2025-24307 was published Nov 11, 2025
Sensitive information uncleared in resource before release for reuse for some Intel(R) NPU... Low Unreviewed
CVE-2025-20622 was published Nov 11, 2025
In JetBrains YouTrack before 2025.3.104432 a race condition allowed bypass of helpdesk Agent limit Low Unreviewed
CVE-2025-64773 was published Nov 11, 2025
Login credentials are inadvertently recorded in logs if a Syslog Server is configured in NETGEAR... Low Unreviewed
CVE-2025-12940 was published Nov 11, 2025
It was possible to upload files with a specific name to a temporary directory, which may result... Low Unreviewed
CVE-2025-8998 was published Nov 11, 2025
Migration Workbench (DX Workbench) in SAP NetWeaver Application Server for ABAP fails to trigger... Low Unreviewed
CVE-2025-42883 was published Nov 11, 2025
An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple... Low Unreviewed
CVE-2025-63678 was published Nov 11, 2025
In JetBrains YouTrack before 2025.3.104432 missing user principal cleanup led to reuse of... Low Unreviewed
CVE-2025-64686 was published Nov 10, 2025
In JetBrains Hub before 2025.3.104432 a race condition allowed bypass of the Agent-user limit Low Unreviewed
CVE-2025-64682 was published Nov 10, 2025
In JetBrains Hub before 2025.3.104992 a race condition allowed bypass of the user limit via... Low Unreviewed
CVE-2025-64681 was published Nov 10, 2025
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The... Low Unreviewed
CVE-2025-12918 was published Nov 9, 2025
A cross-site request forgery (CSRF) vulnerability has been reported to affect QuLog Center. The... Low Unreviewed
CVE-2025-58469 was published Nov 7, 2025
A relative path traversal vulnerability has been reported to affect Download Station. If a remote... Low Unreviewed
CVE-2025-58463 was published Nov 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database