Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

4,496 advisories

Loading
Account users in Apache CloudStack by default are allowed to upload and register templates for... High Unreviewed
CVE-2024-45219 was published Oct 16, 2024
Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to... High Unreviewed
CVE-2024-39573 was published Jul 1, 2024
An OS command injection vulnerability exists in the Blue Angel Software Suite running on embedded... High Unreviewed
CVE-2025-34033 was published Jun 26, 2025
A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the... High Unreviewed
CVE-2025-34031 was published Jun 26, 2025
The MongoDB Server is susceptible to a denial of service vulnerability due to improper handling... High Unreviewed
CVE-2025-6709 was published Jun 26, 2025
A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account... High Unreviewed
CVE-2025-34045 was published Jun 26, 2025
A path traversal vulnerability exists in the Leadsec SSL VPN (formerly Lenovo NetGuard), allowing... High Unreviewed
CVE-2025-34047 was published Jun 26, 2025
A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL... High Unreviewed
CVE-2025-34048 was published Jun 26, 2025
The com.eypcnnapps.quickreboot (aka Eyuep Can Yilmaz {ROOT] Quick Reboot) application 1.0.8 for... High Unreviewed
CVE-2023-47355 was published Feb 5, 2024
A server-side request forgery (SSRF) vulnerability exists in multiple Selea Targa IP OCR-ANPR... High Unreviewed
CVE-2025-34021 was published Jun 20, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing... High Unreviewed
CVE-2023-42826 was published Jan 11, 2024
An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker to cause a Denial of... High Unreviewed
CVE-2025-29646 was published Jun 18, 2025
An issue discovered in GPAC 2.3-DEV-rev605-gfc9e29089-master in MP4Box in gf_avc_change_vui ... High Unreviewed
CVE-2023-46929 was published Jan 3, 2024
Improper input validation was discovered in UsbCoreDxe in Insyde InsydeH2O kernel 5.4 before 05... High Unreviewed
CVE-2024-55567 was published Jun 12, 2025
Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on... High Unreviewed
CVE-2025-4613 was published Jun 12, 2025
Improper input validation performed during the authentication process of FlashBlade could lead to... High Unreviewed
CVE-2025-0052 was published Jun 10, 2025
Improper input validation performed during the authentication process of FlashArray could lead to... High Unreviewed
CVE-2025-0051 was published Jun 10, 2025
Improper input validation in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate... High Unreviewed
CVE-2025-47968 was published Jun 10, 2025
Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial... High Unreviewed
CVE-2021-25255 was published May 21, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an... High Unreviewed
CVE-2025-3898 was published Jun 10, 2025
Improper Input Validation vulnerability in upKeeper Solutions upKeeper Instant Privilege Access... High Unreviewed
CVE-2025-4680 was published Jun 10, 2025
CWE-20: Improper Input Validation vulnerability exists that could cause Denial of Service when an... High Unreviewed
CVE-2025-3116 was published Jun 10, 2025
nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20... High Unreviewed
CVE-2018-1000168 was published May 13, 2022
CVE-2025-1701 is a high-severity vulnerability in the MIM Admin service. An attacker could... High Unreviewed
CVE-2025-1701 was published Jun 4, 2025
An issue was found in the private API function qDecodeDataUrl() in QtCore, which is used in... High Unreviewed
CVE-2025-5455 was published Jun 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database