GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
17 advisories
NEMU contains an implementation flaw in its RISC-V Hypervisor CSR handling where henvcfg[7:4] ...
Critical, Unreviewed. CVE-2026-29649 was published Apr 20, 2026

Sandbox escape in the Graphics: WebRender component. This vulnerability affects Firefox < 148,...
Critical, Unreviewed. CVE-2026-2761 was published Feb 24, 2026

When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents...
Critical, Unreviewed. CVE-2025-65318 was published Dec 16, 2025

When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves...
Critical, Unreviewed. CVE-2025-65319 was published Dec 16, 2025

In multiple locations, there is a possible way to launch an application from the background due...
Critical, Unreviewed. CVE-2025-48626 was published Dec 8, 2025

The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control...
Critical, Unreviewed. CVE-2025-59033 was published Sep 8, 2025

Dell ThinOS 10, versions prior to 2508_10.0127, contain a Protection Mechanism Failure...
Critical, Unreviewed. CVE-2025-43728 was published Aug 27, 2025

Sandboxed iframes on webpages could potentially allow downloads to the device, bypassing the...
Critical, Unreviewed. CVE-2025-54143 was published Aug 19, 2025

An attacker was able to bypass the `connect-src` directive of a Content Security Policy by...
Critical, Unreviewed. CVE-2025-6427 was published Jun 26, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical, Unreviewed. CVE-2025-27665 was published Mar 5, 2025

Protection mechanism failure issue exists in RevoWorks SCVX prior to scvimage4.10.21_1013 (when...
Critical, Unreviewed. CVE-2024-25091 was published Mar 1, 2024

Vulnerability of incorrect service logic in the WindowManagerServices module. Successful...
Critical, Unreviewed. CVE-2023-52378 was published Feb 18, 2024

Protection mechanism failure in some Intel DCM software before version 5.2 may allow an...
Critical, Unreviewed. CVE-2023-31273 was published Nov 14, 2023

Dell PowerScale OneFS, 9.5.0.x, contains a protection mechanism bypass vulnerability. An...
Critical, Unreviewed. CVE-2023-32493 was published Aug 16, 2023

The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of...
Critical, Unreviewed. CVE-2022-48290 was published Feb 9, 2023

An issue was discovered in Siren Investigate before 12.1.7. Script variable whitelisting is...
Critical, Unreviewed. CVE-2022-47544 was published Jan 5, 2023

Eclipse Keti is a service that was designed to protect RESTful APIs using Attribute Based Access...
Critical, Unreviewed. CVE-2021-32835 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API.