Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

225 advisories

Loading
Local privilege escalation in Genetec Sipelia Plugin. An authenticated low-privileged Windows... Moderate Unreviewed
CVE-2025-1790 was published Feb 13, 2026
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the... High Unreviewed
CVE-2026-0870 was published Feb 9, 2026
Brocade Fabric OS before 9.2.1 has a vulnerability that could allow a local authenticated... Moderate Unreviewed
CVE-2025-58379 was published Feb 3, 2026
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level... High Unreviewed
CVE-2025-58383 was published Feb 3, 2026
IBM Common Cryptographic Architecture (CCA) 7.5.52 and 8.4.82 could allow an unauthenticated user... Critical Unreviewed
CVE-2025-13375 was published Feb 4, 2026
A vulnerability exists in F5 BIG-IP Container Ingress Services that may allow excessive... Moderate Unreviewed
CVE-2026-22549 was published Feb 4, 2026
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an... High Unreviewed
CVE-2025-36184 was published Jan 31, 2026
Improper access control in the WCF endpoint in Edgemo (now owned by Danoffice IT) Local Admin... High Unreviewed
CVE-2026-1680 was published Jan 30, 2026
Dask Distributed is Vulnerable to Remote Code Execution via Jupyter Proxy and Dashboard Moderate
CVE-2026-23528 was published for distributed (pip) Jan 16, 2026
A vulnerability has been identified in the ServiceNow AI Platform that could enable an... Critical Unreviewed
CVE-2025-12420 was published Jan 13, 2026
HP ThinPro 8.1 System management application failed to verify user's true id. HP has released HP... High Unreviewed
CVE-2025-43017 was published Oct 28, 2025
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through... Moderate Unreviewed
CVE-2025-36059 was published Jan 20, 2026
Skipper is vulnerable to arbitrary code execution through lua filters High
CVE-2026-23742 was published for github.com/zalando/skipper (Go) Jan 16, 2026
moyushui b0b0haha
Credited to moyushui and b0b0haha
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.4).... High Unreviewed
CVE-2025-40942 was published Jan 13, 2026
Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, version(s) versions 5.26 to 5.30... Moderate Unreviewed
CVE-2025-46696 was published Jan 6, 2026
The NPort 6100-G2/6200-G2 Series is affected by an execution with unnecessary privileges... High Unreviewed
CVE-2025-1977 was published Dec 31, 2025
NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with... Critical Unreviewed
CVE-2025-33224 was published Dec 23, 2025
NVIDIA Isaac Launchable contains a vulnerability where an attacker could cause an execution with... Critical Unreviewed
CVE-2025-33223 was published Dec 23, 2025
Versa SASE Client for Windows versions released between 7.8.7 and 7.9.4 contain a local privilege... High Unreviewed
CVE-2025-34290 was published Dec 20, 2025
The vulnerability affects Ignition SCADA applications where Python scripting is utilized for... High Unreviewed
CVE-2025-13911 was published Dec 18, 2025
A local privilege escalation vulnerability due to insufficient authorization in the SonicWall... Moderate Unreviewed
CVE-2025-40602 was published Dec 18, 2025
A vulnerability exists in multiple Radiometer products that allow an attacker with physical... High Unreviewed
CVE-2025-14096 was published Dec 17, 2025
Execution with Unnecessary Privileges vulnerability in Nebim Neyir Computer Industry and Services... High Unreviewed
CVE-2025-13506 was published Dec 12, 2025
Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”) Critical
CVE-2025-67510 was published for neuron-core/neuron-ai (Composer) Dec 9, 2025
siewer
Credited to siewer
In sendCommand of MediaSessionRecord.java, there is a possible way to launch the foreground... High Unreviewed
CVE-2025-48573 was published Dec 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database