Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,809
Erlang
36
GitHub Actions
31
Go
2,393
Maven
5,000+
npm
4,026
NuGet
720
pip
3,818
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

12,203 advisories

Loading
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-6650 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-6646 was published Jun 26, 2025
PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-6656 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-6649 was published Jun 26, 2025
PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This... Low Unreviewed
CVE-2025-6648 was published Jun 26, 2025
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected... Low Unreviewed
CVE-2025-49549 was published Jun 26, 2025
Successful exploitation of the vulnerability could allow an attacker to intercept data and... Low Unreviewed
CVE-2025-48463 was published Jun 26, 2025
A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611.... Low Unreviewed
CVE-2025-6527 was published Jun 26, 2025
A vulnerability, which was classified as problematic, has been found in 70mai M300 up to 20250611... Low Unreviewed
CVE-2025-6526 was published Jun 26, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 17.3 before 17.11.5, 18... Low Unreviewed
CVE-2025-2938 was published Jun 26, 2025
An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0... Low Unreviewed
CVE-2025-5846 was published Jun 26, 2025
RISC Zero Ethereum invalid commitment with digest value of zero accepted by Steel.validateCommitment Low
CVE-2025-52884 was published for risc0-ethereum-contracts (Rust) Jun 25, 2025
pyspur Incomplete Filtering of Special Elements allowed by SingleLLMCallNode function Low
CVE-2025-6518 was published for pyspur (pip) Jun 23, 2025
Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports Low
CVE-2023-40030 was published for cargo (Rust) Aug 24, 2023
pietroalbini cuviper
remkop22 ehuss weihanglo Manishearth iusx
kubernetes allows nodes to bypass dynamic resource allocation authorization checks Low
CVE-2025-4563 was published for k8s.io/kubernetes (Go) Jun 23, 2025
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects... Low Unreviewed
CVE-2025-6524 was published Jun 23, 2025
PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure... Low Unreviewed
CVE-2025-6217 was published Jun 23, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21211 was published Oct 15, 2024
spytrap-adb Omission of Security-relevant Information Low
CVE-2025-52926 was published for spytrap-adb (Rust) Jun 23, 2025
ClickHouse 25.7.1.557 allows low-privileged users to execute shell commands by querying existing... Low Unreviewed
CVE-2025-52969 was published Jun 23, 2025
Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This... Low Unreviewed
CVE-2025-52937 was published Jun 23, 2025
xdg-open in xdg-utils through 1.2.1 can send requests containing SameSite=Strict cookies, which... Low Unreviewed
CVE-2025-52968 was published Jun 23, 2025
PowSyBl Core Contains a Polynomial ReDoS in RegexCriterion Low
CVE-2025-48059 was published for com.powsybl:powsybl-contingency-api (Maven) Jun 19, 2025
arthurscchan AdamKorcz
rolnico olperr1
Ackites KillWxapkg vulnerable to OS Command Injection Low
CVE-2025-5030 was published for github.com/Ackites/KillWxapkg (Go) May 21, 2025
IBM UrbanCode Deploy (UCD) 7.2 through 7.2.3.13, 7.3 through 7.3.2.8, and IBM DevOps Deploy 8.0... Low Unreviewed
CVE-2024-51472 was published Jan 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database