GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,700
Maven: 5,000+
npm: 4,328
NuGet: 761
pip: 4,100
Pub: 12
RubyGems: 958
Rust: 1,064
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

11,624 advisories

Apache Axis2 has Improper Input Validation
Moderate | CVE-2012-5785 was published for org.apache.axis2:axis2 (Maven) | May 17, 2022

The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo...
Moderate | Unreviewed | CVE-2014-0207 was published | May 17, 2022

A flaw was found in Undertow that can cause remote denial of service attacks. When the server...
High | Unreviewed | CVE-2024-3884 was published | Dec 3, 2025

The cdf_count_chain function in cdf.c in file before 5.19, as used in the Fileinfo component in...
Moderate | Unreviewed | CVE-2014-3480 was published | May 17, 2022

With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is...
Low | Unreviewed | CVE-2025-12889 was published | Nov 22, 2025

Jansson 2.7 and earlier allows context-dependent attackers to cause a denial of service (deep...
High | Unreviewed | CVE-2016-4425 was published | May 17, 2022

Claude Code Command Validation Bypass Allows Arbitrary Code Execution
High | CVE-2025-66032 was published for @anthropic-ai/claude-code (npm) | Dec 3, 2025

Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on...
Low | Unreviewed | CVE-2025-11933 was published | Nov 22, 2025

Improper input validation together with an integer overflow in the EAP-TLS protocol...
Critical | Unreviewed | CVE-2018-11574 was published | May 13, 2022

Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in...
Low | Unreviewed | CVE-2025-11934 was published | Nov 22, 2025

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple...
Moderate | Unreviewed | CVE-2025-11936 was published | Nov 22, 2025

In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname...
High | Unreviewed | CVE-2018-19591 was published | May 13, 2022

Authenticated Root Remote Code Execution via improper user input filtering in DB Electronica...
Critical | Unreviewed | CVE-2025-66259 was published | Nov 26, 2025

In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and versions below 3.9.10,...
Moderate | Unreviewed | CVE-2025-20389 was published | Dec 3, 2025

FeehiCMS Has a Remote Code Execution via Unrestricted File Upload in Ad Management
Moderate | CVE-2025-65657 was published for feehi/cms (Composer) | Dec 2, 2025

Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the...
High | Unreviewed | CVE-2021-33287 was published | May 24, 2022

A crafted NTFS image can cause a NULL pointer dereference in ntfs_extent_inode_open in NTFS-3G <...
High | Unreviewed | CVE-2021-39251 was published | May 24, 2022

A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8...
High | Unreviewed | CVE-2021-39253 was published | May 24, 2022

A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find...
High | Unreviewed | CVE-2021-39258 was published | May 24, 2022

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_inode_lookup_by_name in NTFS...
High | Unreviewed | CVE-2021-39256 was published | May 24, 2022

A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer...
High | Unreviewed | CVE-2021-39254 was published | May 24, 2022

A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in...
High | Unreviewed | CVE-2021-39255 was published | May 24, 2022

A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in...
High | Unreviewed | CVE-2021-39260 was published | May 24, 2022

A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute...
High | Unreviewed | CVE-2021-39259 was published | May 24, 2022

Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the...
High | Unreviewed | CVE-2021-35268 was published | May 24, 2022

ProTip! Advisories are also available from the GraphQL API.