GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,757
Maven: 5,000+
npm: 4,363
NuGet: 766
pip: 4,128
Pub: 12
RubyGems: 961
Rust: 1,070
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
5,104 advisories
A mail header parsing issue was addressed with improved checks. This issue is fixed in watchOS 26...
High | Unreviewed | CVE-2025-43494 was published Dec 12, 2025

edoc-doctor-appointment-system v1.0.1 is vulnerable to Cross Site Scripting (XSS) in admin/add...
High | Unreviewed | CVE-2025-66918 was published Dec 11, 2025

A vulnerability in TeamViewer DEX Client (former 1E client) - Content Distribution Service ...
High | Unreviewed | CVE-2025-44016 was published Dec 11, 2025

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically...
High | Unreviewed | CVE-2025-64986 was published Dec 11, 2025

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically...
High | Unreviewed | CVE-2025-64987 was published Dec 11, 2025

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically...
High | Unreviewed | CVE-2025-64988 was published Dec 11, 2025

A command injection vulnerability was discovered in TeamViewer DEX (former 1E DEX), specifically...
High | Unreviewed | CVE-2025-64989 was published Dec 11, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input...
High | Unreviewed | CVE-2025-61812 was published Dec 10, 2025

Improper input validation in Microsoft Exchange Server allows an authorized attacker to elevate...
High | Unreviewed | CVE-2025-64666 was published Dec 9, 2025

Improper input validation in Windows Installer allows an authorized attacker to elevate...
High | Unreviewed | CVE-2025-62571 was published Dec 9, 2025

Improper input validation in Windows Message Queuing allows an authorized attacker to elevate...
High | Unreviewed | CVE-2025-62455 was published Dec 9, 2025

A vulnerability has been identified in SINEC Security Monitor (All versions < V4.10.0). The...
High | Unreviewed | CVE-2025-40831 was published Dec 9, 2025

A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an...
High | Unreviewed | CVE-2025-13428 was published Dec 9, 2025

EDK2 contains a vulnerability in BIOS where an attacker may cause “Improper Input Validation” by...
High | Unreviewed | CVE-2025-2296 was published Dec 9, 2025

In init_pkvm_hyp_vcpu of pkvm.c, there is a possible out of bounds write due to improper input...
High | Unreviewed | CVE-2025-48623 was published Dec 8, 2025

In multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper...
High | Unreviewed | CVE-2025-48624 was published Dec 8, 2025

In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations...
High | Unreviewed | CVE-2025-48632 was published Dec 8, 2025

In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input...
High | Unreviewed | CVE-2025-48638 was published Dec 8, 2025

In onUidImportance of DisassociationProcessor.java, there is a possible way to retain companion...
High | Unreviewed | CVE-2025-48594 was published Dec 8, 2025

In multiple locations, there is a possible way for an application on a work profile to set the...
High | Unreviewed | CVE-2025-48612 was published Dec 8, 2025

In disassociate of DisassociationProcessor.java, there is a possible way for an app to continue...
High | Unreviewed | CVE-2025-48525 was published Dec 8, 2025

In multiple locations, there is a possible bypass of user profile boundary with a forwarded...
High | Unreviewed | CVE-2025-48566 was published Dec 8, 2025

Improper Input Validation vulnerability in Infinera MTC-9 allows remote unauthenticated users to...
High | Unreviewed | CVE-2025-26488 was published Dec 8, 2025

An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote...
High | Unreviewed | CVE-2025-54306 was published Dec 4, 2025

A flaw was found in Undertow that can cause remote denial of service attacks. When the server...
High | Unreviewed | CVE-2024-3884 was published Dec 3, 2025
ProTip! Advisories are also available from the GraphQL API.