GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,825
Erlang: 36
GitHub Actions: 32
Go: 2,417
Maven: 5,000+
npm: 4,054
NuGet: 723
pip: 3,845
Pub: 12
RubyGems: 933
Rust: 1,005
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
101,966 advisories
pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing...
High | Unreviewed | CVE-2019-9923 was published May 13, 2022

Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the...
High | Unreviewed | CVE-2025-51040 was published Aug 6, 2025

Incorrect access control in Sage DPW v2024.12.003 allows unauthorized attackers to access the...
High | Unreviewed | CVE-2025-51532 was published Aug 6, 2025

An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can...
High | Unreviewed | CVE-2025-46659 was published Aug 6, 2025

Cross-site scripting (XSS) vulnerability in Zone Bitaqati thru 3.4.0.
High | Unreviewed | CVE-2025-51624 was published Aug 6, 2025

jsrsasign v11.1.0 was discovered to contain weak encryption.
High | Unreviewed | CVE-2025-45764 was published Aug 6, 2025

Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contain a Creation of Temporary File...
High | Unreviewed | CVE-2025-38747 was published Aug 6, 2025

poco v1.14.1-release was discovered to contain weak encryption.
High | Unreviewed | CVE-2025-45766 was published Aug 6, 2025

A maliciously crafted RBG file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds...
High | Unreviewed | CVE-2025-6633 was published Aug 6, 2025

Tigo Energy's CCA is vulnerable to a command injection vulnerability in the /cgi-bin/mobile_api...
High | Unreviewed | CVE-2025-7769 was published Aug 6, 2025

Tigo Energy's CCA device is vulnerable to insecure session ID generation in their remote API. The...
High | Unreviewed | CVE-2025-7770 was published Aug 6, 2025

A maliciously crafted TGA file, when linked or imported into Autodesk 3ds Max, can force a Memory...
High | Unreviewed | CVE-2025-6634 was published Aug 6, 2025

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04...
High | Unreviewed | CVE-2025-8231 was published Jul 27, 2025

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that...
High | Unreviewed | CVE-2025-7425 was published Jul 10, 2025

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Windows...
High | Unreviewed | CVE-2025-6759 was published Jul 9, 2025

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway
High | Unreviewed | CVE-2025-5349 was published Jun 17, 2025

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
High | Unreviewed | CVE-2025-4879 was published Jun 17, 2025

On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments...
High | Unreviewed | CVE-2025-53786 was published Aug 6, 2025

The go command may execute unexpected commands when operating in untrusted VCS repositories. This...
High | Unreviewed | CVE-2025-4674 was published Jul 30, 2025

Local Privilege escalation allows a low-privileged user to gain SYSTEM privileges in Citrix...
High | Unreviewed | CVE-2025-0320 was published Jun 17, 2025

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size...
High | Unreviewed | CVE-2025-6021 was published Jun 12, 2025

T.38 dissector crash in Wireshark 4.2.0 to 4.0.3 and 4.0.0 to 4.0.13 allows denial of service via...
High | Unreviewed | CVE-2024-2955 was published Mar 26, 2024

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based...
High | Unreviewed | CVE-2025-3354 was published Aug 6, 2025

A Remote Code Execution (RCE) vulnerability in Grav CMS v1.7.48 allows an authenticated admin to...
High | Unreviewed | CVE-2025-50286 was published Aug 6, 2025

IBM Tivoli Monitoring 6.3.0.7 through 6.3.0.7 Service Pack 20 is vulnerable to a heap-based...
High | Unreviewed | CVE-2025-3320 was published Aug 6, 2025
ProTip! Advisories are also available from the GraphQL API.