GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,690
Maven: 5,000+
npm: 4,320
NuGet: 760
pip: 4,096
Pub: 12
RubyGems: 958
Rust: 1,063
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
114,814 advisories
OpenSearch is vulnerable to DoS via complex query_string inputs
High | CVE-2025-9624 was published for org.opensearch:opensearch-common (Maven) | Nov 25, 2025

Model Context Protocol (MCP) Python SDK does not enable DNS rebinding protection by default
High | CVE-2025-66416 was published for mcp (pip) | Dec 2, 2025

Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protection by default
High | CVE-2025-66414 was published for @modelcontextprotocol/sdk (npm) | Dec 2, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a...
High | Unreviewed | CVE-2025-59697 was published | Dec 2, 2025

Insertion of Sensitive Information into Log File vulnerability in upKeeper Solutions upKeeper...
High | Unreviewed | CVE-2025-11446 was published | Nov 19, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a...
High | Unreviewed | CVE-2025-59702 was published | Dec 2, 2025

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the...
High | Unreviewed | CVE-2023-53286 was published | Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: ubi: ensure that VID header...
High | Unreviewed | CVE-2023-53265 was published | Sep 16, 2025

A vulnerability was identified in certain UniFi Talk devices where internal debugging...
High | Unreviewed | CVE-2025-52663 was published | Oct 31, 2025

In the Linux kernel, the following vulnerability has been resolved: ext4: add bounds checking in...
High | Unreviewed | CVE-2023-53285 was published | Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: HID: intel-thc-hid: intel...
High | Unreviewed | CVE-2025-39809 was published | Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix memory...
High | Unreviewed | CVE-2025-39810 was published | Sep 16, 2025

A privilege escalation vulnerability was identified in GitHub Enterprise Server that allowed an...
High | Unreviewed | CVE-2025-11578 was published | Nov 11, 2025

Missing authorization check in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes users...
High | Unreviewed | CVE-2025-52670 was published | Nov 20, 2025

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined...
High | Unreviewed | CVE-2025-39821 was published | Sep 16, 2025

The code that processes control channel messages sent to `named` calls certain functions...
High | Unreviewed | CVE-2023-3341 was published | Sep 20, 2023

A vulnerability found in gnutls. This security flaw happens because of a double free error occurs...
High | Unreviewed | CVE-2022-2509 was published | Aug 2, 2022

In the Linux kernel, the following vulnerability has been resolved: arm64/sme: Set new vector...
High | Unreviewed | CVE-2023-53184 was published | Sep 15, 2025

A flaw was found in the c-ares package. The ares_set_sortlist is missing checks about the...
High | Unreviewed | CVE-2022-4904 was published | Mar 7, 2023

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use...
High | Unreviewed | CVE-2023-53263 was published | Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after...
High | Unreviewed | CVE-2023-53282 was published | Sep 16, 2025

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while...
High | Unreviewed | CVE-2023-53262 was published | Sep 15, 2025

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to...
High | Unreviewed | CVE-2021-3999 was published | Aug 25, 2022

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the...
High | Unreviewed | CVE-2021-43666 was published | Mar 25, 2022

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer...
High | Unreviewed | CVE-2025-64298 was published | Dec 2, 2025

ProTip! Advisories are also available from the GraphQL API.