GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,626
Composer 4,715
Erlang 34
GitHub Actions 28
Go 2,301
Maven 5,577
npm 3,946
NuGet 711
pip 3,713
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,110

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

11,213 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Laravel Rest Api has a Search Validation Bypass Moderate

GHSA-69rh-hccr-cxrj was published for lomkit/laravel-rest-api (Composer) May 27, 2025

A vulnerability was found in erdogant pypickle up to 1.1.5 and classified as problematic.... Moderate Unreviewed

CVE-2025-5174 was published May 26, 2025

A vulnerability has been found in HumanSignal label-studio-ml-backend up to... Moderate Unreviewed

CVE-2025-5173 was published May 26, 2025

FunAudioLLM InspireMusic deserialization vulnerability Moderate

CVE-2025-5148 was published for inspiremusic (pip) May 25, 2025

A vulnerability has been found in easysoft zentaopms 21.5_20250307 and classified as critical.... Moderate Unreviewed

CVE-2025-5114 was published May 23, 2025

Cryptographic vulnerability in Iridium Certus 700. This vulnerability allows a user to retrieve... Critical Unreviewed

CVE-2025-41377 was published May 23, 2025

The SSID field is not parsed correctly and can be used to inject commands into the hostpad.conf... Moderate Unreviewed

CVE-2025-41378 was published May 23, 2025

The Intellian C700 web panel allows you to add firewall rules. Each of these rules has an... Moderate Unreviewed

CVE-2025-41379 was published May 23, 2025

An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate... High Unreviewed

CVE-2024-40458 was published May 22, 2025

Ericsson RAN Compute and Site Controller 6610 contains in certain configurations a high severity... High Unreviewed

CVE-2024-25010 was published May 22, 2025

Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability. This... Moderate Unreviewed

CVE-2025-3885 was published May 22, 2025

Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial... High Unreviewed

CVE-2021-25255 was published May 21, 2025

Gardener allows bypassing project secret validation which can lead to privilege escalation Critical

CVE-2025-47283 was published for github.com/gardener/gardener (Go) May 19, 2025

Gardener External DNS Management allows malicious google credential in DNS secret to lead to privilege escalation Critical

CVE-2025-47282 was published for github.com/gardener/external-dns-management (Go) May 19, 2025

A vulnerability was found in iop-apl-uw basestation3 up to 3.0.4 and classified as problematic.... Moderate Unreviewed

CVE-2025-4905 was published May 19, 2025

CVE-2024-38820 ensured Locale-independent, lowercase conversion for both the configured... Low Unreviewed

CVE-2025-22233 was published May 16, 2025

A request smuggling vulnerability existed in the Google Cloud Classic Application Load Balancer... High Unreviewed

CVE-2025-4600 was published May 16, 2025

A Path traversal vulnerability in the file download functionality was identified. This... High Unreviewed

CVE-2025-2305 was published May 16, 2025

Ericsson Packet Core Controller (PCC) contains a vulnerability where an attacker sending a large... High Unreviewed

CVE-2024-53827 was published May 16, 2025

A vulnerability classified as problematic has been found in XU-YIJIE grpo-flat up to... Moderate Unreviewed

CVE-2025-4742 was published May 16, 2025

A vulnerability was found in BeamCtrl Airiana up to 11.0. It has been declared as problematic.... Moderate Unreviewed

CVE-2025-4740 was published May 16, 2025

An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before... High Unreviewed

CVE-2024-52880 was published May 15, 2025

A vulnerability, which was classified as problematic, has been found in VITA-MLLM Freeze-Omni up... Moderate Unreviewed

CVE-2025-4701 was published May 15, 2025

Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna... Low Unreviewed

CVE-2025-4762 was published May 15, 2025

Jenkins DingTalk Plugin Unconditionally Disables SSL/TLS Certificate and Hostname Validation Moderate

CVE-2025-47888 was published for io.jenkins.plugins:dingding-notifications (Maven) May 14, 2025

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

11,213 advisories