Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,428
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

94,315 advisories

Loading
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: fix double... High Unreviewed
CVE-2024-56766 was published Jan 6, 2025
An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML... High Unreviewed
CVE-2024-46602 was published Jan 7, 2025
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free... High Unreviewed
CVE-2024-56759 was published Jan 6, 2025
A vulnerability in the Gen7 SonicOS Cloud platform NSv, allows a remote authenticated local low... High Unreviewed
CVE-2024-53706 was published Jan 9, 2025
Bangkok Medical Software HOSxP XE v4.64.11.3 was discovered to contain a hardcoded IDEA Key-IV... High Unreviewed
CVE-2024-53522 was published Jan 7, 2025
Software installed and run as a non-privileged user may conduct improper GPU system calls to... High Unreviewed
CVE-2024-46972 was published Dec 28, 2024
Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2-... High Unreviewed
CVE-2024-30962 was published Dec 6, 2024
In the Linux kernel, the following vulnerability has been resolved: nfsd: cancel... High Unreviewed
CVE-2024-50121 was published Nov 5, 2024
In the Linux kernel, the following vulnerability has been resolved: ataflop: potential out of... High Unreviewed
CVE-2021-47039 was published Feb 28, 2024
In the Linux kernel, the following vulnerability has been resolved: ipc/mqueue, msg, sem: avoid... High Unreviewed
CVE-2021-47069 was published Mar 2, 2024
Memory corruption in SPS Application while requesting for public key in sorter TA. High Unreviewed
CVE-2023-28547 was published Apr 1, 2024
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22313 was published Jan 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22527 was published Jan 9, 2025
An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol... High Unreviewed
CVE-2025-21593 was published Jan 9, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Admin Theme allows Cross... High Unreviewed
CVE-2025-22814 was published Jan 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-22508 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus... High Unreviewed
CVE-2025-22510 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22361 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22330 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22331 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22539 was published Jan 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22537 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22595 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22307 was published Jan 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22505 was published Jan 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database