GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,106
Composer 5,090
Erlang 40
GitHub Actions 38
Go 2,762
Maven 6,180
npm 4,371
NuGet 767
pip 4,141
Pub 12
RubyGems 962
Rust 1,070
Swift 45

Unreviewed advisories

All unreviewed 281,757

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

192 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Filebeat Beats has Buffer Overflow via Malformed Syslog Message or Malicious Tokenizer Pattern in Dissect Configuration Moderate

CVE-2025-68383 was published for github.com/elastic/beats (Go) Dec 19, 2025

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client... Moderate Unreviewed

CVE-2025-67901 was published Dec 15, 2025

IBM Controller 11.1.0 through 11.1.1 and IBM Cognos Controller 11.0.0 through 11.0.1 FP6 could... Moderate Unreviewed

CVE-2025-36015 was published Dec 9, 2025

NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts)... Critical Unreviewed

CVE-2025-65548 was published Dec 8, 2025

NVIDIA Triton Server for Linux contains a vulnerability where an attacker may cause an improper... High Unreviewed

CVE-2025-33211 was published Dec 3, 2025

In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer... Moderate Unreviewed

CVE-2025-59820 was published Nov 26, 2025

Inconsistent object size validation in time series processing logic may result in later... High Unreviewed

CVE-2025-13507 was published Nov 25, 2025

The security state of the calling processor into Arm® Trusted Firmware (TF-A) is not used and... High Unreviewed

CVE-2025-48507 was published Nov 23, 2025

The Secure Flag passed to Versal™ Adaptive SoC’s Arm® Trusted Firmware for Cortex®-A processors ... Low Unreviewed

CVE-2025-54515 was published Nov 23, 2025

N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N... Moderate Unreviewed

CVE-2025-9316 was published Nov 12, 2025

Improper Validation of Specified Quantity in Input vulnerability in TCP Communication Function on... Moderate Unreviewed

CVE-2025-10259 was published Nov 6, 2025

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated... Moderate Unreviewed

CVE-2025-36092 was published Nov 3, 2025

A data corruption vulnerability has been identified in the luksmeta utility when used with the... Moderate Unreviewed

CVE-2025-11568 was published Oct 15, 2025

When a BIG-IP Advanced WAF or ASM security policy is configured with a URL greater than 1024... High Unreviewed

CVE-2025-61938 was published Oct 15, 2025

In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime... Moderate Unreviewed

CVE-2025-0038 was published Oct 6, 2025

Liferay Portal has Improper Validation of Specified Quantity in Input Moderate

CVE-2025-43793 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Sep 15, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 7.12 before 18.1.6, 18.2... High Unreviewed

CVE-2025-2256 was published Sep 12, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2... Moderate Unreviewed

CVE-2025-10094 was published Sep 12, 2025

Improper Validation of Specified Quantity in Input vulnerability in ThemesGrove WP SmartPay. This... High Unreviewed

CVE-2025-32689 was published Sep 9, 2025

Improper input validation in AMD Power Management Firmware (PMFW) could allow a privileged... Moderate Unreviewed

CVE-2024-36346 was published Sep 6, 2025

In the Linux kernel, the following vulnerability has been resolved: mm/damon/ops-common: ignore... Moderate Unreviewed

CVE-2025-39700 was published Sep 5, 2025

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo allows... Moderate Unreviewed

CVE-2025-58835 was published Sep 5, 2025

Improper Input Validation vulnerability in OpenText Self Service Password Reset allows... High Unreviewed

CVE-2025-5808 was published Aug 29, 2025

Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler... High Unreviewed

CVE-2025-8424 was published Aug 26, 2025

An issue was discovered in mouse07410 asn1c thru 0.9.29 (2025-03-20) - a fork of vlm asn1c. In... Critical Unreviewed

CVE-2025-55398 was published Aug 22, 2025

Previous1…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

192 advisories