Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,562
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,807
Pub
13
RubyGems
1,038
Rust
1,238
Swift
53
Unreviewed advisories
All unreviewed
5,000+

432 advisories

Loading
Certain motherboard models developed by MSI has a Protection Mechanism Failure vulnerability.... High Unreviewed
CVE-2025-14303 was published Dec 17, 2025
Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability... High Unreviewed
CVE-2025-14302 was published Dec 17, 2025
When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents... Critical Unreviewed
CVE-2025-65318 was published Dec 16, 2025
When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves... Critical Unreviewed
CVE-2025-65319 was published Dec 16, 2025
The Convercent Whistleblowing Platform operated by EQS Group contains a protection mechanism... Moderate Unreviewed
CVE-2025-34412 was published Dec 15, 2025
In U-Boot of append_uint32_le(), there is a possible fault injection due to a logic error in the... Moderate Unreviewed
CVE-2025-36938 was published Dec 11, 2025
Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may... High Unreviewed
CVE-2025-67460 was published Dec 10, 2025
Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical... High Unreviewed
CVE-2025-34413 was published Dec 9, 2025
HTTP/HTTPS Traffic Interception Bypass in mad-proxy Moderate
CVE-2025-67485 was published for mad-proxy (pip) Dec 9, 2025
machphy Credited to machphy
In multiple locations, there is a possible way to launch an application from the background due... Critical Unreviewed
CVE-2025-48626 was published Dec 8, 2025
Envoy forwards early CONNECT data in TCP proxy mode Low
CVE-2025-64763 was published for github.com/envoyproxy/envoy (Go) Dec 5, 2025
botengyao Credited to botengyao, phlax, yanavlasov, agrawroh, and chasingimpact phlax phlax
yanavlasov yanavlasov agrawroh agrawroh chasingimpact chasingimpact
Anthropic Sandbox Runtime Incorrectly Implemented Network Sandboxing Low
CVE-2025-66479 was published for @anthropic-ai/sandbox-runtime (npm) Dec 4, 2025
Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass... Moderate Unreviewed
CVE-2025-29864 was published Dec 3, 2025
The WP Headless CMS Framework plugin for WordPress is vulnerable to protection mechanism bypass... Moderate Unreviewed
CVE-2025-11260 was published Nov 13, 2025
Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an... Moderate Unreviewed
CVE-2025-62453 was published Nov 11, 2025
Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may... High Unreviewed
CVE-2025-35968 was published Nov 11, 2025
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001... Moderate Unreviewed
CVE-2025-24834 was published Nov 11, 2025
Protection mechanism failure for some Intel(R) NPU Drivers within Ring 3: User Applications may... Moderate Unreviewed
CVE-2025-26402 was published Nov 11, 2025
Protection mechanism failure for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001... Moderate Unreviewed
CVE-2025-24848 was published Nov 11, 2025
Collision in MiniFilter driver in Avast Software Avast Free Antivirus  before 25.9  on Windows... Moderate Unreviewed
CVE-2025-10905 was published Nov 11, 2025
Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed
CVE-2025-12906 was published Nov 8, 2025
Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a... Moderate Unreviewed
CVE-2025-12909 was published Nov 8, 2025
Protobuf Maven Plugin protocDigest is ignored when using protoc from PATH Low
GHSA-j2pc-v64r-mv4f was published for io.github.ascopes:protobuf-maven-plugin (Maven) Nov 4, 2025
Marcono1234 Credited to Marcono1234
Protection mechanism failure in Microsoft Edge (Chromium-based) allows an unauthorized attacker... Moderate Unreviewed
CVE-2025-60711 was published Oct 31, 2025
Missing Security Headers.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Moderate Unreviewed
CVE-2025-12554 was published Oct 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database