Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,754 advisories

Loading
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 26... High Unreviewed
CVE-2025-43361 was published Nov 4, 2025
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... High Unreviewed
CVE-2025-43385 was published Nov 4, 2025
[This CNA information record relates to multiple CVEs; the text explains which aspects... High Unreviewed
CVE-2025-58147 was published Oct 31, 2025
[This CNA information record relates to multiple CVEs; the text explains which aspects... High Unreviewed
CVE-2025-58148 was published Oct 31, 2025
QLowEnergyController in Qt before 6.8.2 mishandles malformed Bluetooth ATT commands, leading to... Low Unreviewed
CVE-2025-23050 was published Oct 31, 2025
An out-of-bounds read vulnerability has been discovered in Monkey's Audio 11.31, specifically in... Critical Unreviewed
CVE-2025-61043 was published Oct 28, 2025
In the Linux kernel, the following vulnerability has been resolved: zonefs: fix... High Unreviewed
CVE-2022-49706 was published Oct 24, 2025
In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond... High Unreviewed
CVE-2022-49674 was published Oct 24, 2025
An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact... High Unreviewed
CVE-2025-54963 was published Oct 23, 2025
NVIDIA Display Driver for Windows and Linux contains a vulnerability in a video decoder, where an... Moderate Unreviewed
CVE-2025-23345 was published Oct 23, 2025
Vulnerability in the RDBMS Functional Index component of Oracle Database Server. Supported... Low Unreviewed
CVE-2025-53051 was published Oct 21, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2025-53055 was published Oct 21, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2025-53063 was published Oct 21, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2025-53065 was published Oct 21, 2025
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... Moderate Unreviewed
CVE-2025-53048 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: module: fix [e_shstrndx]... High Unreviewed
CVE-2022-49444 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ASoC: cs35l41: Fix an out-of... High Unreviewed
CVE-2022-49515 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology:... High Unreviewed
CVE-2022-49518 was published Oct 21, 2025
In the Linux kernel, the following vulnerability has been resolved: ath9k_htc: fix potential out... High Unreviewed
CVE-2022-49503 was published Oct 21, 2025
Out-of-bounds Read in lws_upng_emit_next_line in warmcat libwebsockets allows, when the... Moderate Unreviewed
CVE-2025-11679 was published Oct 20, 2025
A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo... Moderate Unreviewed
CVE-2025-11840 was published Oct 16, 2025
A vulnerability exists in the QuickJS engine's BigInt string conversion logic ... Moderate Unreviewed
CVE-2025-62493 was published Oct 16, 2025
A vulnerability stemming from floating-point arithmetic precision errors exists in the QuickJS... Moderate Unreviewed
CVE-2025-62492 was published Oct 16, 2025
When a BIG-IP APM OAuth access profile (Resource Server or Resource Client) is configured on a... High Unreviewed
CVE-2025-54854 was published Oct 15, 2025
Undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  This issue... High Unreviewed
CVE-2025-61951 was published Oct 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database