GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12,264 advisories
Cross-site scripting vulnerability has been identified in HPE Telco Service Activator product
Low | Unreviewed | CVE-2025-37109 was published Jul 31, 2025

Microweber Has Stored XSS Vulnerability in User Profile Fields
Low | CVE-2025-51503 was published for microweber/microweber (Composer) Jul 31, 2025

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_road_asp function via the...
Low | Unreviewed | CVE-2025-51383 was published Jul 31, 2025

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the...
Low | Unreviewed | CVE-2025-51384 was published Jul 31, 2025

D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz_dlink_asp function via the...
Low | Unreviewed | CVE-2025-51385 was published Jul 31, 2025

MaterialX Null Pointer Dereference in MaterialXCore Shader Generation due to Unchecked implGraphOutput
Low | CVE-2025-53011 was published for MaterialX (pip) Jul 31, 2025

MaterialX Null Pointer Dereference in getShaderNodes due to Unchecked nodeGraph->getOutput return
Low | CVE-2025-53010 was published for MaterialX (pip) Jul 31, 2025

MS SWIFT Remote Code Execution via unsafe PyYAML deserialization
Low | CVE-2025-50460 was published for ms-swift (pip) Jul 31, 2025

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5, contains a Use of Hard-coded Password...
Low | Unreviewed | CVE-2025-36609 was published Jul 30, 2025

Moby firewalld reload removes bridge network isolation
Low | CVE-2025-54410 was published for github.com/docker/docker (Go) Jul 29, 2025

Koa Open Redirect via Referrer Header (User-Controlled)
Low | CVE-2025-8129 was published for koa (npm) Jul 29, 2025

Netavark Has Possible DNS Resolve Confusion
Low | CVE-2025-8283 was published for netavark (Rust) Jul 28, 2025

In JetBrains TeamCity before 2025.07 a CSRF was possible in external OAuth login integration
Low | Unreviewed | CVE-2025-54529 was published Jul 28, 2025

A flaw was found in GLib. A denial of service on Windows platforms may occur if an application...
Low | Unreviewed | CVE-2025-4056 was published Jul 28, 2025

A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability...
Low | Unreviewed | CVE-2025-8260 was published Jul 28, 2025

Duplicate Advisory: buffered-reader vulnerable to out-of-bounds array access leading to panic
Low | GHSA-q5h2-xq96-6gmc was published for buffered-reader (Rust) Jul 28, 2025 • withdrawn

Duplicate Advisory: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic
Low | GHSA-rfx3-ffrp-6875 was published for sequoia-openpgp (Rust) Jul 28, 2025 • withdrawn

Duplicate Advisory: Multiple issues involving quote API in shlex
Low | GHSA-286m-6pg9-v42v was published for shlex (Rust) Jul 28, 2025 • withdrawn

Duplicate Advisory: Unauthenticated Nonce Increment in snow
Low | GHSA-97f8-h76h-f297 was published for snow (Rust) Jul 28, 2025 • withdrawn

Duplicate Advisory: serde-json-wasm stack overflow during recursive JSON parsing
Low | GHSA-j87p-gjr6-m4pv was published for serde-json-wasm (Rust) Jul 27, 2025 • withdrawn

Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp
Low | GHSA-g97w-mw7g-v3jv was published for sequoia-openpgp (Rust) Jul 27, 2025 • withdrawn

Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Low | GHSA-4hff-hh47-7788 was published for curve25519-dalek (Rust) Jul 27, 2025 • withdrawn

Duplicate Advisory: CosmWasm affected by arithmetic overflows
Low | GHSA-rm83-pxjx-pr5j was published for cosmwasm-std (Rust) Jul 27, 2025 • withdrawn

A vulnerability, which was classified as problematic, was found in Comodo Dragon up to 134.0.6998...
Low | Unreviewed | CVE-2025-8206 was published Jul 26, 2025

A vulnerability classified as problematic was found in Comodo Dragon up to 134.0.6998.179....
Low | Unreviewed | CVE-2025-8204 was published Jul 26, 2025