Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

125,465 advisories

Loading
Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker... High Unreviewed
CVE-2025-62470 was published Dec 9, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to... High Unreviewed
CVE-2025-62560 was published Dec 9, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to... High Unreviewed
CVE-2025-62561 was published Dec 9, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62559 was published Dec 9, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62563 was published Dec 9, 2025
Use of uninitialized resource in Windows Remote Access Connection Manager allows an authorized... High Unreviewed
CVE-2025-62472 was published Dec 9, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62464 was published Dec 9, 2025
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker... High Unreviewed
CVE-2025-62474 was published Dec 9, 2025
Use after free in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62562 was published Dec 9, 2025
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62458 was published Dec 9, 2025
Buffer over-read in Windows Projected File System Filter Driver allows an authorized attacker to... High Unreviewed
CVE-2025-62461 was published Dec 9, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62462 was published Dec 9, 2025
Null pointer dereference in Windows Client-Side Caching (CSC) Service allows an authorized... High Unreviewed
CVE-2025-62466 was published Dec 9, 2025
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to... High Unreviewed
CVE-2025-62556 was published Dec 9, 2025
Relative path traversal in Microsoft Office Access allows an unauthorized attacker to execute... High Unreviewed
CVE-2025-62552 was published Dec 9, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62558 was published Dec 9, 2025
Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized... High Unreviewed
CVE-2025-62454 was published Dec 9, 2025
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker... High Unreviewed
CVE-2025-62456 was published Dec 9, 2025
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62553 was published Dec 9, 2025
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-62564 was published Dec 9, 2025
Use after free in Windows Shell allows an authorized attacker to elevate privileges locally. High Unreviewed
CVE-2025-62565 was published Dec 9, 2025
Integer overflow or wraparound in Windows Projected File System allows an authorized attacker to... High Unreviewed
CVE-2025-62467 was published Dec 9, 2025
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate... High Unreviewed
CVE-2025-62569 was published Dec 9, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. High Unreviewed
CVE-2025-62557 was published Dec 9, 2025
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an... High Unreviewed
CVE-2025-62554 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database