GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+
112,524 advisories
Filter by severity
The AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers...
High
Unreviewed
CVE-2014-2374
was published
May 17, 2022
SQL injection vulnerability in Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta...
High
Unreviewed
CVE-2014-2376
was published
May 17, 2022
The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows...
High
Unreviewed
CVE-2014-2373
was published
May 17, 2022
Ecava IntegraXor SCADA Server Stable 4.1.4360 and earlier and Beta 4.1.4392 and earlier allows...
High
Unreviewed
CVE-2014-2375
was published
May 17, 2022
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do...
High
Unreviewed
CVE-2014-2378
was published
May 17, 2022
Omni vulnerable to information leak via API
High
CVE-2025-61688
was published
for
github.com/siderolabs/omni
(Go)
Oct 13, 2025
Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve...
High
Unreviewed
CVE-2025-9713
was published
Oct 13, 2025
Insecure deserialization in Ivanti Endpoint Manager allows a local authenticated attacker to...
High
Unreviewed
CVE-2025-11622
was published
Oct 13, 2025
llama-index has Insecure Temporary File
High
CVE-2025-7707
was published
for
llama-index
(pip)
Oct 13, 2025
MongoDB Rust Driver has certificate validation disabled when `tlsInsecure=False` appears in connection string
High
CVE-2025-11695
was published
for
mongodb
(Rust)
Oct 13, 2025
PowerShell Elevation of Privilege Vulnerability
High
CVE-2022-26788
was published
for
Microsoft.PowerShell.SDK
(NuGet)
Apr 16, 2022
Rack is vulnerable to a memory-exhaustion DoS through unbounded URL-encoded body parsing
High
CVE-2025-61919
was published
for
rack
(RubyGems)
Oct 10, 2025
Authlib is vulnerable to Denial of Service via Oversized JOSE Segments
High
CVE-2025-61920
was published
for
authlib
(pip)
Oct 10, 2025
quic-go: Panic occurs when queuing undecryptable packets after handshake completion
High
CVE-2025-59530
was published
for
github.com/quic-go/quic-go
(Go)
Oct 10, 2025
Grafana path traversal
High
CVE-2021-43798
was published
for
github.com/grafana/grafana
(Go)
Feb 1, 2024
pyLoad CNL and captcha handlers allow Code Injection via unsanitized parameters
High
CVE-2025-61773
was published
for
pyload-ng
(pip)
Oct 9, 2025
FastAPI Guard has a regex bypass
High
CVE-2025-54365
was published
for
fastapi-guard
(pip)
Jul 23, 2025
Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import...
High
Unreviewed
CVE-2025-9902
was published
Oct 13, 2025
Insufficient escaping in the report scheduler within Checkmk <2.4.0p13, <2.3.0p38, <2.2.0p46 and...
High
Unreviewed
CVE-2025-39664
was published
Oct 9, 2025
Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows...
High
Unreviewed
CVE-2025-32919
was published
Oct 9, 2025
Rack's multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
High
CVE-2025-61772
was published
for
rack
(RubyGems)
Oct 7, 2025
Rack: Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
High
CVE-2025-61771
was published
for
rack
(RubyGems)
Oct 7, 2025
Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)
High
CVE-2025-61770
was published
for
rack
(RubyGems)
Oct 7, 2025
FlowiseAI/Flosise has File Upload vulnerability
High
CVE-2025-61687
was published
for
flowise
(npm)
Oct 8, 2025
Litestar X-Forwarded-For Header Spoofing Vulnerability Enables Rate Limit Evasion
High
CVE-2025-59152
was published
for
litestar
(pip)
Oct 6, 2025
ProTip!
Advisories are also available from the
GraphQL API