Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11,577 advisories

Loading
An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot... Critical Unreviewed
CVE-2025-34030 was published Jun 20, 2025
An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system... Critical Unreviewed
CVE-2025-25038 was published Jun 20, 2025
An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and... Critical Unreviewed
CVE-2025-34024 was published Jun 20, 2025
Upsonic has vulnerability in Pickle Handler component that can lead to deserialization Low
CVE-2025-6279 was published for upsonic (pip) Jun 19, 2025
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of... High Unreviewed
CVE-2025-29646 was published Jun 18, 2025
Improper Input Validation vulnerability in Profisee on Windows (filesystem modules) allows Path... Moderate Unreviewed
CVE-2025-6240 was published Jun 18, 2025
Grafana long dashboard title or panel name causes unresponsives Low
CVE-2025-1088 was published for github.com/grafana/grafana (Go) Jun 18, 2025
Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05... High Unreviewed
CVE-2024-55567 was published Jun 12, 2025
There is an insufficient input validation vulnerability in the warehouse component of Absolute... Moderate Unreviewed
CVE-2025-49081 was published Jun 12, 2025
Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on... High Unreviewed
CVE-2025-4613 was published Jun 12, 2025
Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an... Critical Unreviewed
CVE-2024-1244 was published Jun 11, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Input Validation... Low Unreviewed
CVE-2025-47096 was published Jun 11, 2025
CIRCL-Fourq: Missing and wrong validation can lead to incorrect results Low
CVE-2025-8556 was published for github.com/cloudflare/circl (Go) Jun 10, 2025
Improper input validation performed during the authentication process of FlashBlade could lead to... High Unreviewed
CVE-2025-0052 was published Jun 10, 2025
Improper input validation performed during the authentication process of FlashArray could lead to... High Unreviewed
CVE-2025-0051 was published Jun 10, 2025
Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate... High Unreviewed
CVE-2025-47968 was published Jun 10, 2025
Improper input validation in Microsoft Office Outlook allows an authorized attacker to execute... Moderate Unreviewed
CVE-2025-47171 was published Jun 10, 2025
GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF) Critical
CVE-2024-34711 was published for org.geoserver.main:gs-main (Maven) Jun 10, 2025
lemauanhphong jodygarnett
Credited to lemauanhphong and jodygarnett
Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access... High Unreviewed
CVE-2025-4680 was published Jun 10, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an... High Unreviewed
CVE-2025-3116 was published Jun 10, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an... High Unreviewed
CVE-2025-3898 was published Jun 10, 2025
An improper input validation discovered in Avaya Call Management System could allow an... Critical Unreviewed
CVE-2025-1041 was published Jun 10, 2025
In AMD Versal Adaptive SoC devices, the lack of address validation when executing PLM runtime... Moderate Unreviewed
CVE-2025-0037 was published Jun 10, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Low Unreviewed
CVE-2025-27242 was published Jun 8, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input. Moderate Unreviewed
CVE-2025-27131 was published Jun 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database