Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,838
Erlang
36
GitHub Actions
33
Go
2,460
Maven
5,000+
npm
4,082
NuGet
723
pip
3,873
Pub
12
RubyGems
943
Rust
1,010
Swift
39
Unreviewed advisories
All unreviewed
5,000+

11,415 advisories

Loading
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet... High Unreviewed
CVE-2025-24484 was published Aug 12, 2025
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet... Moderate Unreviewed
CVE-2025-21086 was published Aug 12, 2025
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V3.2).... Critical Unreviewed
CVE-2025-40746 was published Aug 12, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input. Low Unreviewed
CVE-2025-25212 was published Aug 11, 2025
Apache CXF: Untrusted JMS configuration can lead to RCE Moderate
CVE-2025-48913 was published for org.apache.cxf:cxf-rt-transports-jms (Maven) Aug 8, 2025
A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This... Low Unreviewed
CVE-2025-8708 was published Aug 8, 2025
uv allows ZIP payload obfuscation through parsing differentials Moderate
CVE-2025-54368 was published for uv (pip) Aug 7, 2025
charliermarsh zanieb
woodruffw thatch calebbrown
Ollama allows deletion of arbitrary files Moderate
CVE-2025-44779 was published for github.com/ollama/ollama (Go) Aug 7, 2025
Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66... Moderate Unreviewed
CVE-2025-8582 was published Aug 7, 2025
A vulnerability in QCMS version 6.0.5 allows authenticated users to read arbitrary files from the... Moderate Unreviewed
CVE-2025-50233 was published Aug 6, 2025
Transient DOS while processing CCCH data when NW sends data with invalid length. High Unreviewed
CVE-2025-21477 was published Aug 6, 2025
Issue of buffer overflow caused by insufficient data verification in the kernel acceleration... Moderate Unreviewed
CVE-2025-54641 was published Aug 6, 2025
Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module.... Moderate Unreviewed
CVE-2025-54642 was published Aug 6, 2025
Issue of buffer overflow caused by insufficient data verification in the kernel drop detection... Moderate Unreviewed
CVE-2025-54636 was published Aug 6, 2025
Input verification vulnerability in the home screen module. Impact: Successful exploitation of... Moderate Unreviewed
CVE-2025-54614 was published Aug 6, 2025
Concrete CMS is vulnerable to Stored XSS from Home Folder on Members Dashboard page Low
CVE-2025-8573 was published for concrete5/concrete5 (Composer) Aug 6, 2025
Concrete CMS vulnerable to Reflected Cross-Site Scripting (XSS) in Conversation Messages Dashboard Page Moderate
CVE-2025-8571 was published for concrete5/concrete5 (Composer) Aug 6, 2025
Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker... High Unreviewed
CVE-2025-7674 was published Aug 5, 2025
The ICTBroadcast application unsafely passes session cookie data to shell processing, allowing an... Critical Unreviewed
CVE-2025-2611 was published Aug 5, 2025
An Improper Input Validation in EdgeMAX EdgeSwitch (Version 1.10.4 and earlier) could allow a... High Unreviewed
CVE-2025-27211 was published Aug 5, 2025
An Improper Input Validation in certain UniFi Access devices could allow a Command Injection by a... Critical Unreviewed
CVE-2025-27212 was published Aug 5, 2025
Apache Zeppelin: Arbitrary file read by adding malicious JDBC connection string Moderate
CVE-2024-52279 was published for org.apache.zeppelin:zeppelin-jdbc (Maven) Aug 3, 2025
uploadsm in ChargePoint Home Flex 5.5.4.13 does not validate a user-controlled string for bz2... High Unreviewed
CVE-2025-54564 was published Aug 1, 2025
A stack-based buffer overflow vulnerability exists in MPlayer Lite r33064 due to improper bounds... High Unreviewed
CVE-2011-10008 was published Jul 31, 2025
Dell PowerProtect Data Manager, versions prior to 19.19, contain(s) an Improper Input Validation... Moderate Unreviewed
CVE-2025-30480 was published Jul 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database