GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,652
Erlang: 34
GitHub Actions: 26
Go: 2,257
Maven: 5,000+
npm: 3,909
NuGet: 704
pip: 3,680
Pub: 12
RubyGems: 915
Rust: 943
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
98,900 advisories

Bdrive NetDrive Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2025-2768 was published Apr 23, 2025

GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2025-2760 was published Apr 23, 2025

CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This...
High | Unreviewed | CVE-2025-2762 was published Apr 23, 2025

TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in...
High | Unreviewed | CVE-2025-28022 was published Apr 23, 2025

TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a buffer overflow vulnerability in...
High | Unreviewed | CVE-2025-28021 was published Apr 23, 2025

PostHog database_schema Server-Side Request Forgery Information Disclosure Vulnerability. This...
High | Unreviewed | CVE-2025-1522 was published Apr 23, 2025

PostHog slack_incoming_webhook Server-Side Request Forgery Information Disclosure Vulnerability....
High | Unreviewed | CVE-2025-1521 was published Apr 23, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in...
High | Unreviewed | CVE-2025-28018 was published Apr 23, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in...
High | Unreviewed | CVE-2025-28019 was published Apr 23, 2025

TOTOLINK A800R V4.1.2cu.5137_B20200730 was found to contain a buffer overflow vulnerability in...
High | Unreviewed | CVE-2025-28020 was published Apr 23, 2025

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c...
High | Unreviewed | CVE-2025-28025 was published Apr 23, 2025

TOTOLINK A830R V4.1.2cu.5182_B20201102, A950RG V4.1.2cu.5161_B20200903, A3000RU V5.9c...
High | Unreviewed | CVE-2025-28028 was published Apr 23, 2025

Luxion KeyShot Viewer KSP File Parsing Heap-based Buffer Overflow Remote Code Execution...
High | Unreviewed | CVE-2025-1045 was published Apr 23, 2025

Sonos Era 300 Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-1048 was published Apr 23, 2025

Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows...
High | Unreviewed | CVE-2025-1050 was published Apr 23, 2025

Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2025-1049 was published Apr 23, 2025

Luxion KeyShot PVS File Parsing Access of Uninitialized Pointer Remote Code Execution...
High | Unreviewed | CVE-2025-1047 was published Apr 23, 2025

Luxion KeyShot SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-1046 was published Apr 23, 2025

This vulnerability exists in Meon KYC solutions due to missing restrictions on the number of...
High | Unreviewed | CVE-2025-42600 was published Apr 23, 2025

This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the...
High | Unreviewed | CVE-2025-42601 was published Apr 23, 2025

This vulnerability exists in the Meon KYC solutions due to transmission of sensitive data in...
High | Unreviewed | CVE-2025-42603 was published Apr 23, 2025

This vulnerability exists in Meon KYC solutions due to improper handling of access and refresh...
High | Unreviewed | CVE-2025-42602 was published Apr 23, 2025

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to product price...
High | Unreviewed | CVE-2025-3530 was published Apr 23, 2025

The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information...
High | Unreviewed | CVE-2025-3529 was published Apr 23, 2025

Missing authorization vulnerability in synocopy in Synology DiskStation Manager (DSM) before 7.1...
High | Unreviewed | CVE-2025-1021 was published Apr 23, 2025

ProTip! Advisories are also available from the GraphQL API.