Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

112,524 advisories

Loading
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-21131 was published Jan 14, 2025
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write... High Unreviewed
CVE-2025-21132 was published Jan 14, 2025
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2025-21133 was published Jan 14, 2025
Illustrator on iPad versions 3.0.7 and earlier are affected by an Integer Underflow (Wrap or... High Unreviewed
CVE-2025-21134 was published Jan 14, 2025
NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow... High Unreviewed
CVE-2024-48857 was published Jan 14, 2025
Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow... High Unreviewed
CVE-2025-21129 was published Jan 14, 2025
Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow... High Unreviewed
CVE-2025-21128 was published Jan 14, 2025
Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow... High Unreviewed
CVE-2024-48858 was published Jan 14, 2025
Git LFS permits exfiltration of credentials via crafted HTTP URLs High
CVE-2024-53263 was published for github.com/git-lfs/git-lfs (Go) Jan 14, 2025
Ry0taK
Credited to Ry0taK
Microsoft Security Advisory CVE-2025-21176 | .NET and Visual Studio Remote Code Execution Vulnerability High
CVE-2025-21176 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
Microsoft Security Advisory CVE-2025-21172 | .NET and Visual Studio Remote Code Execution Vulnerability High
CVE-2025-21172 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
Microsoft Security Advisory CVE-2025-21171 | .NET Remote Code Execution Vulnerability High
CVE-2025-21171 was published for Microsoft.NetCore.App.Runtime.linux-arm (NuGet) Jan 14, 2025
Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials High
CVE-2024-50338 was published for git-credential-manager (NuGet) Jan 14, 2025
Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed
CVE-2025-23052 was published Jan 14, 2025
An authenticated parameter injection vulnerability exists in the web-based management interface... High Unreviewed
CVE-2025-23051 was published Jan 14, 2025
Windows CSC Service Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21378 was published Jan 14, 2025
Windows Graphics Component Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21382 was published Jan 14, 2025
Windows upnphost.dll Denial of Service Vulnerability High Unreviewed
CVE-2025-21389 was published Jan 14, 2025
Microsoft Access Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21395 was published Jan 14, 2025
Microsoft Office OneNote Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21402 was published Jan 14, 2025
Visual Studio Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21405 was published Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21409 was published Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21411 was published Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21413 was published Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability High Unreviewed
CVE-2025-21417 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database