Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,050 advisories

Loading
Improper Input Validation vulnerability in TOTOLINK X6000R allows Command Injection, File... High Unreviewed
CVE-2025-52907 was published Sep 24, 2025
Memory corruption while processing data sent by FE driver. High Unreviewed
CVE-2025-47314 was published Sep 24, 2025
Improper Input Validation vulnerability in TOTOLINK X6000R allows Flooding.This issue affects... High Unreviewed
CVE-2025-52905 was published Sep 23, 2025
Codex has sandbox bypass due to bug in path configuration logic High
CVE-2025-59532 was published for @openai/codex (npm) Sep 19, 2025
An issue was discovered in Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01 allowing attackers to... High Unreviewed
CVE-2025-57528 was published Sep 19, 2025
NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker may... High Unreviewed
CVE-2025-23268 was published Sep 18, 2025
The issue was addressed with improved input validation. This issue is fixed in tvOS 26, watchOS... High Unreviewed
CVE-2025-43372 was published Sep 16, 2025
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via... High Unreviewed
CVE-2025-56404 was published Sep 10, 2025
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input... High Unreviewed
CVE-2025-54248 was published Sep 9, 2025
Apache DolphinScheduler vulnerable to Alert Script Attack High
CVE-2024-43115 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Sep 9, 2025
A security issue exists in the protected mode of 1756-EN4TR and 1756-EN2TR communication modules,... High Unreviewed
CVE-2025-8007 was published Sep 9, 2025
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow... High Unreviewed
CVE-2024-36342 was published Sep 6, 2025
Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker... High Unreviewed
CVE-2024-36354 was published Sep 6, 2025
Improper input validation in the system management mode (SMM) could allow a privileged attacker... High Unreviewed
CVE-2024-21947 was published Sep 6, 2025
In onCreate of MediaProjectionPermissionActivity.java , there is a possible way to grant a... High Unreviewed
CVE-2025-32322 was published Sep 4, 2025
In multiple methods of NotificationChannel.java, there is a possible desynchronization from... High Unreviewed
CVE-2025-48556 was published Sep 4, 2025
In multiple locations, there is a possible way to persistently DoS the device due to improper... High Unreviewed
CVE-2025-48537 was published Sep 4, 2025
In onCreate of FaceSettings.java, there is a possible way to remove biometric unlock across user... High Unreviewed
CVE-2025-48541 was published Sep 4, 2025
In getCallingAppName of Shared.java, there is a possible way to trick users into granting file... High Unreviewed
CVE-2025-32323 was published Sep 4, 2025
In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out of bounds write due to... High Unreviewed
CVE-2024-56190 was published Sep 4, 2025
O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the... High Unreviewed
CVE-2024-37777 was published Aug 27, 2025
jsPDF Denial of Service (DoS) High
CVE-2025-57810 was published for jspdf (npm) Aug 26, 2025
AlexRomberg
Credited to AlexRomberg
Improper Input Validation vulnerability in Salesforce Tableau Server on Windows, Linux (tabdoc... High Unreviewed
CVE-2025-52451 was published Aug 22, 2025
An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system... High Unreviewed
CVE-2025-50674 was published Aug 22, 2025
Kaillera Server version 0.86 is vulnerable to a denial-of-service condition triggered by sending... High Unreviewed
CVE-2011-10020 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database