Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11,577 advisories

Loading
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute... Critical Unreviewed
CVE-2017-6316 was published May 17, 2022
(1) IQVW32.sys before 1.3.1.0 and (2) IQVW64.sys before 1.3.1.0 in the Intel Ethernet diagnostics... High Unreviewed
CVE-2015-2291 was published May 17, 2022
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and... Critical Unreviewed
CVE-2017-3881 was published May 13, 2022
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7... High Unreviewed
CVE-2017-0148 was published May 14, 2022
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7... High Unreviewed
CVE-2017-0146 was published May 14, 2022
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote... High Unreviewed
CVE-2016-0185 was published May 14, 2022
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow... Moderate Unreviewed
CVE-2016-3718 was published May 14, 2022
The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders... High Unreviewed
CVE-2016-3714 was published May 14, 2022
Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute... High Unreviewed
CVE-2015-2545 was published May 14, 2022
Magento vulnerable to denial of service High
CVE-2025-49554 was published for magento/community-edition (Composer) Aug 12, 2025
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server... High Unreviewed
CVE-2022-25763 was published Aug 11, 2022
An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos... High Unreviewed
CVE-2025-26781 was published Oct 20, 2025
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to trick the... Moderate Unreviewed
CVE-2022-20350 was published Aug 11, 2022
A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Affected by this issue is... Moderate Unreviewed
CVE-2025-8963 was published Aug 14, 2025
Due to improper input validation, a buffer overflow vulnerability is present in Zigbee EZSP... Critical Unreviewed
CVE-2025-8414 was published Oct 17, 2025
alloy-dyn-abi has DoS vulnerability on `alloy_dyn_abi::TypedData` hashing High
CVE-2025-62370 was published for alloy-dyn-abi (Rust) Oct 15, 2025
emostov cr-tk
Credited to emostov and cr-tk
Kedro allows Remote Code Execution by Pulling Micro Packages High
CVE-2024-12215 was published for kedro (pip) Mar 20, 2025
GluonCV Arbitrary File Write via TarSlip High
CVE-2024-12216 was published for gluoncv (pip) Mar 20, 2025
InvokeAI Arbitrary File Deletion vulnerability Critical
CVE-2024-11042 was published for InvokeAI (pip) Mar 20, 2025
qdrant input validation failure Critical
CVE-2024-3829 was published for qdrant-client (pip) Jun 3, 2024
A vulnerability in mintplex-labs/anything-llm prior to version 1.2.2 allows for Prisma injection.... Moderate Unreviewed
CVE-2024-8251 was published Mar 20, 2025
A vulnerability in the binary-husky/gpt_academic repository, as of commit git 3890467, allows an... Moderate Unreviewed
CVE-2024-12387 was published Mar 20, 2025
In danny-avila/librechat version git 0c2a583, there is an improper input validation vulnerability... High Unreviewed
CVE-2024-11171 was published Mar 20, 2025
A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This... High Unreviewed
CVE-2024-12065 was published Mar 20, 2025
mudler/LocalAI version 2.17.1 allows for arbitrary file write due to improper handling of... High Unreviewed
CVE-2024-6868 was published Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database