GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,894
Erlang: 38
GitHub Actions: 38
Go: 2,552
Maven: 5,000+
npm: 4,224
NuGet: 746
pip: 3,999
Pub: 12
RubyGems: 953
Rust: 1,041
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
112,524 advisories
Use After Free (UAF) vulnerability in the storage management module. Successful exploitation of...
High | Unreviewed | CVE-2025-58299 was published Oct 11, 2025

Use After Free (UAF) vulnerability in the office service. Successful exploitation of this...
High | Unreviewed | CVE-2025-58287 was published Oct 11, 2025

cel-rust May Panic During Parsing of Invalid CEL Expressions
High | CVE-2025-62162 was published for cel (Rust) Oct 11, 2025

Parallax is vulnerable to DoS via malicious p2p message
High | GHSA-xc79-566c-j4qx was published for github.com/microstack-tech/parallax (Go) Oct 10, 2025

Flowise is vulnerable to arbitrary file exposure through its ReadFileTool
High | GHSA-j44m-5v8f-gc9c was published for flowise (npm) Oct 10, 2025

A HTML injection vulnerability exists in Perfex CRM v3.3.1. The application fails to sanitize...
High | Unreviewed | CVE-2025-55903 was published Oct 10, 2025

A vulnerability was determined in Tenda AC7 15.03.06.44. This affects an unknown function of the...
High | Unreviewed | CVE-2025-11586 was published Oct 10, 2025

Bagisto is vulnerable to XSS through Admin Panel's product creation path
High | CVE-2025-60880 was published for bagisto/bagisto (Composer) Oct 10, 2025

Authlib is vulnerable to Denial of Service via Oversized JOSE Segments
High | CVE-2025-61920 was published for authlib (pip) Oct 10, 2025

NVIDIA Display Driver for Linux contains a vulnerability where an attacker might be able to use a...
High | Unreviewed | CVE-2025-23282 was published Oct 10, 2025

NVIDIA Display Driver for Linux contains a vulnerability where an attacker could cause a use...
High | Unreviewed | CVE-2025-23280 was published Oct 10, 2025

NVIDIA Display Driver contains a vulnerability where an uncontrolled DLL loading path might lead...
High | Unreviewed | CVE-2025-23309 was published Oct 10, 2025

Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing
High | CVE-2025-61919 was published for rack (RubyGems) Oct 10, 2025

quic-go: Panic occurs when queuing undecryptable packets after handshake completion
High | CVE-2025-59530 was published for github.com/quic-go/quic-go (Go) Oct 10, 2025

Publii CMS v0.46.5 (build 17089) allows persistent Cross-Site Scripting (XSS) via unsanitized...
High | Unreviewed | CVE-2025-60869 was published Oct 10, 2025

Stored HTML injection in RISE Ultimate Project Manager & CRM allows authenticated users to inject...
High | Unreviewed | CVE-2025-60378 was published Oct 10, 2025

An out-of-bounds write vulnerability exists in VS6ComFile!CItemExChange::WinFontDynStrCheck of V...
High | Unreviewed | CVE-2025-61857 was published Oct 10, 2025

An out-of-bounds read vulnerability exists in VS6ComFile!get_ovlp_element_size of V-SFT v6.2.7.0...
High | Unreviewed | CVE-2025-61862 was published Oct 10, 2025

A use after free vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and earlier....
High | Unreviewed | CVE-2025-61864 was published Oct 10, 2025

An out-of-bounds write vulnerability exists in VS6ComFile!set_AnimationItem of V-SFT v6.2.7.0 and...
High | Unreviewed | CVE-2025-61858 was published Oct 10, 2025

An out-of-bounds read vulnerability exists in VS6ComFile!CSaveData::delete_mem of V-SFT v6.2.7.0...
High | Unreviewed | CVE-2025-61863 was published Oct 10, 2025

A stack-based buffer overflow vulnerability exists in VS6ComFile!CV7BaseMap::WriteV7DataToRom of...
High | Unreviewed | CVE-2025-61856 was published Oct 10, 2025

An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6...
High | Unreviewed | CVE-2025-61859 was published Oct 10, 2025

An out-of-bounds read vulnerability exists in VS6ComFile!load_link_inf of V-SFT v6.2.7.0 and...
High | Unreviewed | CVE-2025-61861 was published Oct 10, 2025

An out-of-bounds read vulnerability exists in VS6MemInIF!set_temp_type_default of V-SFT v6.2.7.0...
High | Unreviewed | CVE-2025-61860 was published Oct 10, 2025

ProTip! Advisories are also available from the GraphQL API