Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,831
Maven
5,000+
npm
4,462
NuGet
775
pip
4,226
Pub
12
RubyGems
972
Rust
1,093
Swift
47
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
Improper Authentication in Kubernetes High
CVE-2020-8558 was published for k8s.io/kubernetes (Go) Feb 15, 2022
halfcrazy
Credited to halfcrazy
Docker Swarm encrypted overlay network may be unauthenticated High
CVE-2023-28840 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere quadespresso
cpuguy83 tianon neersighted laurazard akerouanton
Credited to corhere, quadespresso, cpuguy83, tianon, neersighted, laurazard, and akerouanton
NI MeasurementLink Python Services Improper Access Restriction vulnerability High
CVE-2023-4570 was published for ni-measurementlink-service (pip) Oct 5, 2023
A vulnerability exists in Rockwell Automation affected products that allows a threat actor to... High Unreviewed
CVE-2024-6242 was published Aug 1, 2024
Duplicate Advisory: Juju Unprotected Alternate Channel vulnerability High
GHSA-85qf-6845-m8p2 was published for github.com/juju/juju (Go) Oct 2, 2024 withdrawn
Some Huawei home routers have a connection hijacking vulnerability. Successful exploitation of... High Unreviewed
CVE-2023-7266 was published Dec 28, 2024
In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in... High Unreviewed
CVE-2025-54351 was published Aug 3, 2025
An internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below... High Unreviewed
CVE-2025-8557 was published Sep 11, 2025
IBM Personal Communications v14 and v15 include a Windows service that is vulnerable to local... High Unreviewed
CVE-2025-1095 was published Apr 8, 2025
BullWall Ransomware Containment contains excluded file paths, such as '$recycle.bin' that are not... High Unreviewed
CVE-2025-62001 was published Dec 18, 2025
An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially... High Unreviewed
CVE-2025-67303 was published Jan 5, 2026
An issue discovered in Dyson App v6.1.23041-23595 allows unauthenticated attackers to control... High Unreviewed
CVE-2025-56558 was published Oct 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database