Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

789 advisories

Loading
A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS).... High Unreviewed
CVE-2025-37088 was published Apr 23, 2025
Use after free in media in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to... High Unreviewed
CVE-2022-3307 was published Nov 2, 2022
Microsoft Security Advisory CVE-2024-38229 | .NET Remote Code Execution Vulnerability High
CVE-2024-38229 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Oct 8, 2024
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-29841 was published May 13, 2025
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to... High Unreviewed
CVE-2025-27468 was published May 13, 2025
Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed... High Unreviewed
CVE-2022-3071 was published Sep 27, 2022
Use after free in SplitScreen in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52... High Unreviewed
CVE-2022-3049 was published Sep 27, 2022
Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote... High Unreviewed
CVE-2022-3042 was published Sep 27, 2022
Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to... High Unreviewed
CVE-2022-2857 was published Sep 27, 2022
Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker... High Unreviewed
CVE-2022-2854 was published Sep 27, 2022
In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows... High Unreviewed
CVE-2016-20015 was published Sep 21, 2022
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary... High Unreviewed
CVE-2018-15687 was published May 13, 2022
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-32710 was published Jun 10, 2025
Using a javascript: URI with a setTimeout race condition, an attacker can execute unauthorized... High Unreviewed
CVE-2024-0605 was published Jan 22, 2024
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-47972 was published Jul 8, 2025
Use after free in Windows Connected Devices Platform Service allows an authorized attacker to... High Unreviewed
CVE-2025-48000 was published Jul 8, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-49665 was published Jul 8, 2025
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-49678 was published Jul 8, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-49690 was published Jul 8, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-49737 was published Jul 8, 2025
OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition (EE) before 6.10.3 have a... High Unreviewed
CVE-2025-54955 was published Aug 3, 2025
Webargs mishandles concurrent JSON parsing High
CVE-2019-9710 was published for webargs (pip) Mar 12, 2019
saip007
Credited to saip007
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb... High Unreviewed
CVE-2025-25278 was published Aug 11, 2025
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb... High Unreviewed
CVE-2025-27577 was published Aug 11, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-53135 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database