Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

96 advisories

Loading
Free5GC is vulnerable to DoS via the Nudm_SubscriberDataManagement API Moderate
CVE-2025-60633 was published for github.com/free5gc/openapi (Go) Nov 24, 2025
Fluent Bit in_http, in_splunk, and in_elasticsearch input plugins fail to sanitize tag_key inputs... Critical Unreviewed
CVE-2025-12977 was published Nov 24, 2025
An unauthenticated remote attacker can send a specially crafted Modbus read command to the device... High Unreviewed
CVE-2025-41729 was published Nov 24, 2025
The VAPIX API port.cgi did not have sufficient input validation, which may result in process... Moderate Unreviewed
CVE-2025-9524 was published Nov 11, 2025
ACAP applications can gain elevated privileges due to improper input validation, potentially... Moderate Unreviewed
CVE-2025-6298 was published Nov 11, 2025
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary... Moderate Unreviewed
CVE-2025-4645 was published Nov 11, 2025
Improper validation of specified type of input in Windows Authentication Methods allows an... High Unreviewed
CVE-2025-59277 was published Oct 14, 2025
Improper validation of specified type of input in Windows Authentication Methods allows an... High Unreviewed
CVE-2025-59278 was published Oct 14, 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an... Moderate Unreviewed
CVE-2025-59257 was published Oct 14, 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an... Moderate Unreviewed
CVE-2025-59259 was published Oct 14, 2025
Improper validation of specified type of input in Microsoft Windows allows an authorized attacker... High Unreviewed
CVE-2025-55701 was published Oct 14, 2025
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an... Moderate Unreviewed
CVE-2025-58729 was published Oct 14, 2025
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This... High Unreviewed
CVE-2025-20711 was published Oct 14, 2025
Mattermost Desktop App versions <= 5.13.0 fail to validate URLs external to the configured... Low Unreviewed
CVE-2025-58084 was published Oct 13, 2025
Synapse's invalid device keys degrade federation functionality Moderate
CVE-2025-61672 was published for matrix-synapse (pip) Oct 8, 2025
dkasak
Credited to dkasak
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker... High Unreviewed
CVE-2025-20327 was published Sep 24, 2025
Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code... High Unreviewed
CVE-2024-48851 was published Sep 18, 2025
Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.This issue affects... High Unreviewed
CVE-2025-10207 was published Sep 18, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42929 was published Sep 9, 2025
Due to missing input validation, an attacker with high privilege access to ABAP reports could... High Unreviewed
CVE-2025-42916 was published Sep 9, 2025
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security... High Unreviewed
CVE-2025-20251 was published Aug 14, 2025
A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security... High Unreviewed
CVE-2025-20244 was published Aug 14, 2025
A security issue exists due to improper handling of CIP Class 32’s request when a module is... High Unreviewed
CVE-2025-9041 was published Aug 14, 2025
A security issue exists due to improper handling of CIP Class 32’s request when a module is... High Unreviewed
CVE-2025-9042 was published Aug 14, 2025
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary... Moderate Unreviewed
CVE-2025-30027 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database