Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,820
Erlang
36
GitHub Actions
32
Go
2,412
Maven
5,000+
npm
4,050
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,004
Swift
38
Unreviewed advisories
All unreviewed
5,000+

26,433 advisories

Loading
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in... Critical Unreviewed
CVE-2025-43209 was published Jul 30, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43232 was published Jul 30, 2025
This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-43233 was published Jul 30, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. All dashcams were shipped with... Critical Unreviewed
CVE-2025-30125 was published Jul 28, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. When a new SD card is inserted... Critical Unreviewed
CVE-2025-30124 was published Jul 28, 2025
An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can... Critical Unreviewed
CVE-2025-30133 was published Jul 28, 2025
LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability in how it handles user-supplied HTTP... Critical Unreviewed
CVE-2025-50578 was published Jul 30, 2025
A race condition was addressed with additional validation. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-43275 was published Jul 30, 2025
A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-43245 was published Jul 30, 2025
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in... Critical Unreviewed
CVE-2025-43237 was published Jul 30, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... Critical Unreviewed
CVE-2025-43198 was published Jul 30, 2025
A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43199 was published Jul 30, 2025
A Cross-Site Scripting (XSS) vulnerability has been identified in Psono-Client’s handling of... Critical Unreviewed
CVE-2025-1987 was published Jun 22, 2025
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an... Critical Unreviewed
CVE-2025-0982 was published Feb 6, 2025
Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows... Critical Unreviewed
CVE-2025-40600 was published Jul 30, 2025
A Missing Authentication for Critical Function vulnerability in SUSE Manager allows anyone with... Critical Unreviewed
CVE-2025-46811 was published Jul 30, 2025
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath... Critical Unreviewed
CVE-2025-49794 was published Jun 16, 2025
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML... Critical Unreviewed
CVE-2025-49796 was published Jun 16, 2025
yiisoft/yii2 Mishandles the Attaching of Behavior Defined by a `__class` Array Key Critical
CVE-2024-58136 was published for yiisoft/yii2 (Composer) Apr 10, 2025
BentoML SSRF Vulnerability in File Upload Processing Critical
CVE-2025-54381 was published for bentoml (pip) Jul 29, 2025
geckosecurity jjjutla
nkoorty
Node-SAML SAML Signature Verification Vulnerability Critical
CVE-2025-54419 was published for @node-saml/node-saml (npm) Jul 28, 2025
ahacker1-securesaml cjbarth
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated,... Critical Unreviewed
CVE-2025-20281 was published Jun 26, 2025
A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of... Critical Unreviewed
CVE-2024-13871 was published Mar 12, 2025
Bitdefender Box, versions 1.3.11.490 through 1.3.11.505, uses the insecure HTTP protocol to... Critical Unreviewed
CVE-2024-13872 was published Mar 12, 2025
Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x... Critical Unreviewed
CVE-2017-15944 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database