Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,927 advisories

Loading
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could... High Unreviewed
CVE-2025-1701 was published Jun 4, 2025
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in... High Unreviewed
CVE-2025-5455 was published Jun 2, 2025
Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022... High Unreviewed
CVE-2022-35773 was published Aug 10, 2022
An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via... High Unreviewed
CVE-2024-51392 was published May 29, 2025
Denial of service in XStream High
CVE-2017-7957 was published for com.thoughtworks.xstream:xstream (Maven) Jun 30, 2020
An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate... High Unreviewed
CVE-2024-40458 was published May 22, 2025
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-005... High Unreviewed
CVE-2022-32797 was published Sep 25, 2022
Ericsson RAN Compute and Site Controller 6610 contains in certain configurations a high severity... High Unreviewed
CVE-2024-25010 was published May 22, 2025
Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial... High Unreviewed
CVE-2021-25255 was published May 21, 2025
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory... High Unreviewed
CVE-2022-36448 was published Sep 29, 2022
An elevation of privilege vulnerability exists in the Windows Installer when the Windows... High Unreviewed
CVE-2019-0973 was published May 24, 2022
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to... High Unreviewed
CVE-2019-0620 was published May 24, 2022
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to... High Unreviewed
CVE-2019-0722 was published May 24, 2022
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to... High Unreviewed
CVE-2019-0709 was published May 24, 2022
Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed High
CVE-2025-22235 was published for org.springframework.boot:spring-boot (Maven) Apr 28, 2025
An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before... High Unreviewed
CVE-2024-52880 was published May 15, 2025
A Path traversal vulnerability in the file download functionality was identified. This... High Unreviewed
CVE-2025-2305 was published May 16, 2025
A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer... High Unreviewed
CVE-2025-4600 was published May 16, 2025
Ericsson Packet Core Controller (PCC) contains a vulnerability where an attacker sending a large... High Unreviewed
CVE-2024-53827 was published May 16, 2025
The facial recognition module has a vulnerability in input validation.Successful exploitation of... High Unreviewed
CVE-2022-38985 was published Oct 14, 2022
Kubernetes csi-proxy vulnerable to privilege escalation due to improper input validation High
CVE-2023-3893 was published for github.com/kubernetes-csi/csi-proxy (Go) Nov 3, 2023
This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS... High Unreviewed
CVE-2025-31240 was published May 13, 2025
Improper input validation in the UEFI firmware error handler for the Intel(R) Server D50DNP and... High Unreviewed
CVE-2025-24308 was published May 13, 2025
Improper input validation for some Intel(R) PROSet/Wireless WiFi Software for Windows before... High Unreviewed
CVE-2025-20032 was published May 13, 2025
Improper input validation in the UEFI firmware DXE module for the Intel(R) Server D50DNP and... High Unreviewed
CVE-2025-21094 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database