Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,496 advisories

Loading
A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the... High Unreviewed
CVE-2025-34031 was published Jun 26, 2025
An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded... High Unreviewed
CVE-2025-34033 was published Jun 26, 2025
A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing... High Unreviewed
CVE-2025-34047 was published Jun 26, 2025
A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL... High Unreviewed
CVE-2025-34048 was published Jun 26, 2025
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account... High Unreviewed
CVE-2025-34045 was published Jun 26, 2025
The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling... High Unreviewed
CVE-2025-6709 was published Jun 26, 2025
A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR... High Unreviewed
CVE-2025-34021 was published Jun 20, 2025
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of... High Unreviewed
CVE-2025-29646 was published Jun 18, 2025
Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05... High Unreviewed
CVE-2024-55567 was published Jun 12, 2025
Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on... High Unreviewed
CVE-2025-4613 was published Jun 12, 2025
Improper input validation performed during the authentication process of FlashBlade could lead to... High Unreviewed
CVE-2025-0052 was published Jun 10, 2025
Improper input validation performed during the authentication process of FlashArray could lead to... High Unreviewed
CVE-2025-0051 was published Jun 10, 2025
Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate... High Unreviewed
CVE-2025-47968 was published Jun 10, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an... High Unreviewed
CVE-2025-3898 was published Jun 10, 2025
Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access... High Unreviewed
CVE-2025-4680 was published Jun 10, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an... High Unreviewed
CVE-2025-3116 was published Jun 10, 2025
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could... High Unreviewed
CVE-2025-1701 was published Jun 4, 2025
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in... High Unreviewed
CVE-2025-5455 was published Jun 2, 2025
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via... High Unreviewed
CVE-2024-51392 was published May 29, 2025
An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate... High Unreviewed
CVE-2024-40458 was published May 22, 2025
Ericsson RAN Compute and Site Controller 6610 contains in certain configurations a high severity... High Unreviewed
CVE-2024-25010 was published May 22, 2025
Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial... High Unreviewed
CVE-2021-25255 was published May 21, 2025
A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer... High Unreviewed
CVE-2025-4600 was published May 16, 2025
A Path traversal vulnerability in the file download functionality was identified. This... High Unreviewed
CVE-2025-2305 was published May 16, 2025
Ericsson Packet Core Controller (PCC) contains a vulnerability where an attacker sending a large... High Unreviewed
CVE-2024-53827 was published May 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database