GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,383
Erlang: 33
GitHub Actions: 22
Go: 2,141
Maven: 5,000+
npm: 3,803
NuGet: 687
pip: 3,479
Pub: 12
RubyGems: 897
Rust: 898
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
96,279 advisories

A SQL injection vulnerability in the Hikashop component versions 3.3.0-5.1.4 for Joomla allows...
High | Unreviewed | CVE-2025-22210 was published Feb 25, 2025

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows...
High | Unreviewed | CVE-2025-0514 was published Feb 26, 2025

A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary...
High | Unreviewed | CVE-2025-1024 was published Feb 19, 2025

A vulnerability classified as critical was found in D-Link DAP-1320 1.00. Affected by this...
High | Unreviewed | CVE-2025-1538 was published Feb 21, 2025

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in...
High | Unreviewed | CVE-2025-24680 was published Jan 27, 2025

An issue was discovered in Veritas NetBackup before 8.3.0.2. BPCD allows an unprivileged user to...
High | Unreviewed | CVE-2023-28758 was published Mar 23, 2023

NVIDIA Jetson Linux and IGX OS image contains a vulnerability in the UEFI firmware RCM boot mode,...
High | Unreviewed | CVE-2024-0148 was published Feb 25, 2025

Buffer overflow in some Zoom Apps may allow an authenticated user to conduct an escalation of...
High | Unreviewed | CVE-2024-45421 was published Feb 25, 2025

Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows...
High | Unreviewed | CVE-2024-36259 was published Feb 25, 2025

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0...
High | Unreviewed | CVE-2024-12368 was published Feb 25, 2025

Winlogon Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-43583 was published Oct 8, 2024

A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might...
High | Unreviewed | CVE-2023-1513 was published Mar 23, 2023

An authenticated attacker can leverage an exposed getattr() method via a Jinja template to...
High | Unreviewed | CVE-2023-1304 was published Mar 21, 2023

In the Linux kernel, the following vulnerability has been resolved: IORING_OP_READ did not...
High | Unreviewed | CVE-2023-52926 was published Feb 24, 2025

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')...
High | Unreviewed | CVE-2024-25928 was published Feb 23, 2024

In multiple functions of MediaSessionRecord.java, there is a possible Intent rebroadcast due to a...
High | Unreviewed | CVE-2023-20964 was published Mar 24, 2023

In getAvailabilityStatus of EnableContentCapturePreferenceController.java, there is a possible...
High | Unreviewed | CVE-2023-20975 was published Mar 24, 2023

A stack-based buffer overflow in the built-in web server in Moxa NPort W2150A/W2250A Series...
High | Unreviewed | CVE-2024-1220 was published Mar 6, 2024

Insufficient control flow management in AmdCpmGpioInitSmm may allow a privileged attacker to...
High | Unreviewed | CVE-2023-20559 was published Apr 2, 2023

In serializePasspointConfiguration of PasspointXmlUtils.java, there is a possible logic error in...
High | Unreviewed | CVE-2023-21027 was published Mar 24, 2023

There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 and 3.4 that may allow a...
High | Unreviewed | CVE-2025-1067 was published Feb 25, 2025

There is an untrusted search path vulnerability in Esri ArcGIS AllSource 1.2 and 1.3 that may...
High | Unreviewed | CVE-2025-1068 was published Feb 25, 2025

A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X...
High | Unreviewed | CVE-2025-26594 was published Feb 25, 2025

A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still...
High | Unreviewed | CVE-2025-26600 was published Feb 25, 2025

A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a...
High | Unreviewed | CVE-2025-26597 was published Feb 25, 2025

ProTip! Advisories are also available from the GraphQL API.