Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,904
Maven
5,000+
npm
5,000+
NuGet
967
pip
5,000+
Pub
13
RubyGems
1,062
Rust
1,374
Swift
54
Unreviewed advisories
All unreviewed
5,000+

119 advisories

Loading
An unauthenticated remote attacker can send a specially crafted Modbus read command to the device... High Unreviewed
CVE-2025-41729 was published Nov 24, 2025
The VAPIX API port.cgi did not have sufficient input validation, which may result in process... Moderate Unreviewed
CVE-2025-9524 was published Nov 11, 2025
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary... Moderate Unreviewed
CVE-2025-4645 was published Nov 11, 2025
ACAP applications can gain elevated privileges due to improper input validation, potentially... Moderate Unreviewed
CVE-2025-6298 was published Nov 11, 2025
Improper validation of specified type of input in Windows Authentication Methods allows an... High Unreviewed
CVE-2025-59278 was published Oct 14, 2025
Improper validation of specified type of input in Windows Authentication Methods allows an... High Unreviewed
CVE-2025-59277 was published Oct 14, 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an... Moderate Unreviewed
CVE-2025-59257 was published Oct 14, 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an... Moderate Unreviewed
CVE-2025-59259 was published Oct 14, 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an... Moderate Unreviewed
CVE-2025-58729 was published Oct 14, 2025
Improper validation of specified type of input in Microsoft Windows allows an authorized attacker... High Unreviewed
CVE-2025-55701 was published Oct 14, 2025
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This... High Unreviewed
CVE-2025-20711 was published Oct 14, 2025
Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured... Low Unreviewed
CVE-2025-58084 was published Oct 13, 2025
Synapse's invalid device keys degrade federation functionality Moderate
CVE-2025-61672 was published for matrix-synapse (pip) Oct 8, 2025
dkasak Credited to dkasak
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker... High Unreviewed
CVE-2025-20327 was published Sep 24, 2025
Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code... High Unreviewed
CVE-2024-48851 was published Sep 18, 2025
Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects... High Unreviewed
CVE-2025-10207 was published Sep 18, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42929 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42916 was published Sep 9, 2025
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security... High Unreviewed
CVE-2025-20244 was published Aug 14, 2025
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security... High Unreviewed
CVE-2025-20251 was published Aug 14, 2025
A security issue exists due to improper handling of CIP Class 32’s request when a module is... High Unreviewed
CVE-2025-9042 was published Aug 14, 2025
A security issue exists due to improper handling of CIP Class 32’s request when a module is... High Unreviewed
CVE-2025-9041 was published Aug 14, 2025
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary... Moderate Unreviewed
CVE-2025-30027 was published Aug 12, 2025
Mattermost Confluence Plugin has Improper Validation of Specified Type of Input High
CVE-2025-54525 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2... Moderate Unreviewed
CVE-2024-40682 was published Jul 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database