Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5,050 advisories

Loading
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when... High Unreviewed
CVE-2025-6625 was published Aug 18, 2025
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ... High Unreviewed
CVE-2025-20148 was published Aug 14, 2025
A security issues exists within Studio 5000 Logix Designer due to unsafe handling of environment... High Unreviewed
CVE-2025-7971 was published Aug 14, 2025
Loading arbitrary external URLs through WebView components introduces malicious JS code that can... High Unreviewed
CVE-2025-27388 was published Aug 14, 2025
A buffer overflow vulnerability exists in the module SetupUtility. An attacker with local... High Unreviewed
CVE-2025-4410 was published Aug 13, 2025
UsbCoreDxe has a vulnerability which can be used to write arbitrary memory inside SMRAM and... High Unreviewed
CVE-2025-4276 was published Aug 13, 2025
Tcg2Smm has a vulnerability which can be used to write arbitrary memory inside SMRAM and execute... High Unreviewed
CVE-2025-4277 was published Aug 13, 2025
Magento vulnerable to denial of service High
CVE-2025-49554 was published for magento/community-edition (Composer) Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet... High Unreviewed
CVE-2025-24486 was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet... High Unreviewed
CVE-2025-24484 was published Aug 12, 2025
Transient DOS while processing CCCH data when NW sends data with invalid length. High Unreviewed
CVE-2025-21477 was published Aug 6, 2025
Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker... High Unreviewed
CVE-2025-7674 was published Aug 5, 2025
An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a... High Unreviewed
CVE-2025-27211 was published Aug 5, 2025
uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2... High Unreviewed
CVE-2025-54564 was published Aug 1, 2025
A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds... High Unreviewed
CVE-2011-10008 was published Jul 31, 2025
A denial-of-service issue was addressed with improved input validation. This issue is fixed in... High Unreviewed
CVE-2025-43223 was published Jul 30, 2025
Improper session invalidation in the component /edms/change-password.php of PHPGurukul e-Diary... High Unreviewed
CVE-2025-50492 was published Jul 28, 2025
Improper session invalidation in the component /srms/change-password.php of PHPGurukul Student... High Unreviewed
CVE-2025-50489 was published Jul 28, 2025
Improper session invalidation in the component /elms/emp-changepassword.php of PHPGurukul Student... High Unreviewed
CVE-2025-50490 was published Jul 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Car... High Unreviewed
CVE-2025-50494 was published Jul 28, 2025
Improper session invalidation in the component /doctor/change-password.php of PHPGurukul Doctor... High Unreviewed
CVE-2025-50493 was published Jul 28, 2025
A filename spoofing vulnerability exists in WinRAR when opening specially crafted ZIP archives.... High Unreviewed
CVE-2014-125119 was published Jul 25, 2025
A stack-based buffer overflow vulnerability exists in i-Ftp version 2.20 due to improper handling... High Unreviewed
CVE-2014-125114 was published Jul 25, 2025
XWiki Platform vulnerable to SQL injection through XWiki#searchDocuments API High
CVE-2025-54385 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jul 25, 2025
FastAPI Guard has a regex bypass High
CVE-2025-54365 was published for fastapi-guard (pip) Jul 23, 2025
dhki rennf93
Credited to dhki and rennf93
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database