Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,745
Erlang
35
GitHub Actions
29
Go
2,318
Maven
5,000+
npm
3,953
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
970
Swift
38
Unreviewed advisories
All unreviewed
5,000+

108,009 advisories

Loading
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ... High Unreviewed
CVE-2024-22903 was published Feb 2, 2024
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a... High Unreviewed
CVE-2020-16247 was published May 24, 2022
A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This... High Unreviewed
CVE-2025-5619 was published Jun 5, 2025
AstrBot Has Path Traversal Vulnerability in /api/chat/get_file High
CVE-2025-48957 was published for astrbot (pip) Jun 4, 2025
Soulter Raven95676
NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies High
CVE-2025-48947 was published for @auth0/nextjs-auth0 (npm) Jun 4, 2025
Deno's AES GCM authentication tags are not verified High
CVE-2025-24015 was published for deno (Rust) Jun 4, 2025
canislupaster
Arbitrary file read vulnerability in Git server Plugin can lead to RCE High
CVE-2024-23899 was published for org.jenkins-ci.plugins:git-server (Maven) Jan 24, 2024
File Upload vulnerability in Motivian Content Mangment System v.41.0.0 allows a remote attacker... High Unreviewed
CVE-2025-29093 was published Jun 4, 2025
A local privilege escalation in the razer_elevation_service.exe in Razer Synapse 4 through 4.0.86... High Unreviewed
CVE-2025-27811 was published Jun 4, 2025
An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1080, 2100, 1280, 2200, 1380... High Unreviewed
CVE-2025-23098 was published Jun 3, 2025
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been classified as critical. This... High Unreviewed
CVE-2025-4843 was published May 18, 2025
Improper handling of input variables lead to multiple path traversal vulnerabilities in the... High Unreviewed
CVE-2025-22205 was published Feb 4, 2025
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the... High Unreviewed
CVE-2025-5608 was published Jun 4, 2025
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue... High Unreviewed
CVE-2025-5607 was published Jun 4, 2025
A vulnerability classified as critical was found in Tenda AC18 15.03.05.05. Affected by this... High Unreviewed
CVE-2025-5609 was published Jun 4, 2025
VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper... High Unreviewed
CVE-2025-22243 was published Jun 4, 2025
An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, 2400. The... High Unreviewed
CVE-2025-23100 was published Jun 3, 2025
CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute... High Unreviewed
CVE-2025-27703 was published May 28, 2025
A vulnerability was found in D-Link DCS-932L 2.18.01. It has been declared as critical. This... High Unreviewed
CVE-2025-4842 was published May 18, 2025
Apache Tomcat - Denial of Service High
CVE-2024-34750 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jul 3, 2024
westonsteimel
Apache Airflow vulnerable to Improper Encoding or Escaping of Output High
CVE-2024-45498 was published for apache-airflow (pip) Sep 7, 2024
exolightor
Apache Linkis vulnerable to privilege escalation High
CVE-2024-27181 was published for org.apache.linkis:linkis (Maven) Aug 2, 2024
Jupyter Core on Windows Has Uncontrolled Search Path Element Local Privilege Escalation Vulnerability High
CVE-2025-30167 was published for jupyter_core (pip) Jun 4, 2025
krassowski
quic-go Has Panic in Path Probe Loss Recovery Handling High
CVE-2025-29785 was published for github.com/quic-go/quic-go (Go) Jun 3, 2025
Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users High
CVE-2025-48881 was published for com.ritense.valtimo:object-management (Maven) May 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database