GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,680
Maven: 5,000+
npm: 4,308
NuGet: 760
pip: 4,081
Pub: 12
RubyGems: 958
Rust: 1,061
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
11,139 advisories
A vulnerability was determined in motogadget mo.lock Ignition Lock up to 20251125. Affected by...
Severity: Low. Unreviewed. CVE-2025-6666 was published Nov 29, 2025.
In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of...
Severity: Low. Unreviewed. CVE-2025-66382 was published Nov 28, 2025.
Mustang before 2.16.3 allows exfiltrating files via XXE attacks.
Severity: Low. Unreviewed. CVE-2025-66372 was published Nov 28, 2025.
Emails sent by pretix can utilize placeholders that will be filled with customer data. For...
Severity: Low. Unreviewed. CVE-2025-13742 was published Nov 27, 2025.
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.2 before 18.4.5, 18...
Severity: Low. Unreviewed. CVE-2025-13611 was published Nov 26, 2025.
An issue was discovered in Overhang.IO (tutor-open-edx) (overhangio/tutor) 20.0.2 allowing local...
Severity: Low. Unreviewed. CVE-2025-65681 was published Nov 26, 2025.
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in...
Severity: Low. Unreviewed. CVE-2025-2486 was published Nov 26, 2025.
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets...
Severity: Low. Unreviewed. CVE-2025-20373 was published Nov 26, 2025.
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the...
Severity: Low. Unreviewed. CVE-2025-55174 was published Nov 26, 2025.
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a...
Severity: Low. Unreviewed. CVE-2025-33198 was published Nov 25, 2025.
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a...
Severity: Low. Unreviewed. CVE-2025-33200 was published Nov 25, 2025.
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause...
Severity: Low. Unreviewed. CVE-2025-33199 was published Nov 25, 2025.
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0...
Severity: Low. Unreviewed. CVE-2025-36134 was published Nov 25, 2025.
A user with access to the cluster with a limited set of privilege actions may be able to...
Severity: Low. Unreviewed. CVE-2025-13643 was published Nov 25, 2025.
Cross-site request forgery vulnerability exists in SNC-CX600W versions prior to Ver.2.8.0. If a...
Severity: Low. Unreviewed. CVE-2025-62497 was published Nov 25, 2025.
Clients may successfully perform a TLS handshake with a MongoDB server despite presenting a...
Severity: Low. Unreviewed. CVE-2025-12893 was published Nov 25, 2025.
A sensitive information disclosure vulnerability exists in the error handling component of...
Severity: Low. Unreviewed. CVE-2025-13596 was published Nov 24, 2025.
The Secure Flag passed to Versal™ Adaptive SoC’s Arm® Trusted Firmware for Cortex®-A processors ...
Severity: Low. Unreviewed. CVE-2025-54515 was published Nov 23, 2025.
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is...
Severity: Low. Unreviewed. CVE-2025-12889 was published Nov 22, 2025.
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels...
Severity: Low. Unreviewed. CVE-2025-12888 was published Nov 22, 2025.
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit...
Severity: Low. Unreviewed. CVE-2025-11931 was published Nov 22, 2025.
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in...
Severity: Low. Unreviewed. CVE-2025-11934 was published Nov 22, 2025.
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on...
Severity: Low. Unreviewed. CVE-2025-11933 was published Nov 22, 2025.
The server previously verified the TLS 1.3 PSK binder using a non-constant time method which...
Severity: Low. Unreviewed. CVE-2025-11932 was published Nov 22, 2025.
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and...
Severity: Low. Unreviewed. CVE-2025-31216 was published Nov 22, 2025.
ProTip! Advisories are also available from the GraphQL API.