GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
109 advisories
On a client with an admin user, a Global_Shipping script can be implemented. The script could...
High | Unreviewed | CVE-2025-12509 was published Oct 31, 2025
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a...
Critical | Unreviewed | CVE-2025-32463 was published Jun 30, 2025
ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an...
Critical | Unreviewed | CVE-2024-9537 was published Oct 18, 2024
An arbitrary code execution vulnerability exists in the git functionality of Truffle Security Co....
High | Unreviewed | CVE-2025-41390 was published Oct 20, 2025
Inclusion of Functionality from Untrusted Control Sphere vulnerability in HCL MyXalytics. v6.6...
Low | Unreviewed | CVE-2025-52655 was published Oct 10, 2025
Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows to execute arbitrary...
Moderate | Unreviewed | CVE-2025-62186 was published Oct 7, 2025
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11...
High | Unreviewed | CVE-2025-36355 was published Oct 6, 2025
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link...
High | Unreviewed | CVE-2023-49133 was published Apr 9, 2024
A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link...
High | Unreviewed | CVE-2023-49134 was published Apr 9, 2024
In JetBrains IntelliJ IDEA before 2025.2 unexpected plugin startup was possible due to automatic...
Moderate | Unreviewed | CVE-2025-57729 was published Aug 20, 2025
Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin...
High | Unreviewed | CVE-2025-8714 was published Aug 14, 2025
Sandbox escape in the JavaScript Task feature of Google Cloud Application Integration allows an...
Critical | Unreviewed | CVE-2025-0982 was published Feb 6, 2025
Inclusion of Functionality from Untrusted Control Sphere vulnerability in Simplehelp. This issue...
High | Unreviewed | CVE-2025-36727 was published Jul 25, 2025
OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) execution even with the --pre or -...
Moderate | Unreviewed | CVE-2025-54558 was published Jul 25, 2025
The Secure Password extension in One Identity Password Manager before 5.14.4 allows local...
High | Unreviewed | CVE-2025-27582 was published Jul 14, 2025
mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by...
High | Unreviewed | CVE-2025-49809 was published Jul 4, 2025
A flaw was found in Yelp. The Gnome user help application allows the help document to execute...
Moderate | Unreviewed | CVE-2025-3155 was published Apr 3, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File...
High | Unreviewed | CVE-2025-39507 was published May 16, 2025
Inclusion of functionality from an untrusted control sphere in Elastic Agent subprocess, osqueryd...
Moderate | Unreviewed | CVE-2024-52976 was published May 1, 2025
In Bandisoft Bandizip through 7.37, there is a Mark-of-the-Web Bypass Vulnerability. This...
Moderate | Unreviewed | CVE-2025-33027 was published Apr 15, 2025
In PeaZip through 10.4.0, there is a Mark-of-the-Web Bypass Vulnerability. This vulnerability...
Moderate | Unreviewed | CVE-2025-33026 was published Apr 15, 2025
A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated,...
High | Unreviewed | CVE-2025-20236 was published Apr 16, 2025
An iframe that was not permitted to run scripts could do so if the user clicked on a <code...
High | Unreviewed | CVE-2022-34468 was published Dec 22, 2022
An Inclusion of Functionality from Untrusted Control Sphere vulnerability in the SSH server on B...
High | Unreviewed | CVE-2024-45482 was published Mar 25, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical | Unreviewed | CVE-2025-27668 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API.