Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

113,422 advisories

Loading
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-43942 was published Oct 30, 2025
Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised... High Unreviewed
CVE-2025-39663 was published Oct 30, 2025
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote... High Unreviewed
CVE-2025-53880 was published Oct 30, 2025
A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client... High Unreviewed
CVE-2025-62230 was published Oct 30, 2025
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension... High Unreviewed
CVE-2025-62229 was published Oct 30, 2025
A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds... High Unreviewed
CVE-2025-62231 was published Oct 30, 2025
Drupal Simple OAuth (OAuth2) & OpenID Connect allows Authentication Bypass High
CVE-2025-12466 was published for drupal/simple_oauth (Composer) Oct 30, 2025
Drupal Acquia DAM allows Forceful Browsing High
CVE-2025-9954 was published for drupal/acquia_dam (Composer) Oct 30, 2025
Drupal CivicTheme Design System allows Forceful Browsing High
CVE-2025-12082 was published for drupal/civictheme (Composer) Oct 30, 2025
Validating certificate chains which contain DSA public keys can cause programs to panic, due to a... High Unreviewed
CVE-2025-58188 was published Oct 30, 2025
The ParseAddress function constructeds domain-literal address components through repeated string... High Unreviewed
CVE-2025-61725 was published Oct 30, 2025
Prior to September 19, 2025, the Hospital Manager Backend Services exposed the ASP.NET tracing... High Unreviewed
CVE-2025-54459 was published Oct 30, 2025
On affected platforms, restricted users could use SSH port forwarding to access host-internal... High Unreviewed
CVE-2025-54546 was published Oct 30, 2025
On affected platforms, a restricted user could break out of the CLI sandbox to the system shell... High Unreviewed
CVE-2025-54545 was published Oct 30, 2025
LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore High
CVE-2025-64104 was published for langgraph-checkpoint-sqlite (pip) Oct 29, 2025
ColeMurray
Credited to ColeMurray
Zitadel May Bypass Second Authentication Factor High
CVE-2025-64103 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025
livio-a mffap
Credited to livio-a and mffap
Zitadel allows brute-forcing authentication factors High
CVE-2025-64102 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025
livio-a
Credited to livio-a
ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection High
CVE-2025-64101 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025
amit-laish livio-a
Credited to amit-laish and livio-a
GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-10922 was published Oct 29, 2025
GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2025-10924 was published Oct 29, 2025
GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-10925 was published Oct 29, 2025
GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-10921 was published Oct 29, 2025
GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2025-10923 was published Oct 29, 2025
GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-10920 was published Oct 29, 2025
GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-10934 was published Oct 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database