Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

11,050 advisories

Loading
NVIDIA CUDA Toolkit contains a vulnerability in cuobjdump, where an unprivileged user can cause a... Low Unreviewed
CVE-2025-23346 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a... Low Unreviewed
CVE-2025-23271 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a... Low Unreviewed
CVE-2025-23248 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary where a... Low Unreviewed
CVE-2025-23255 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause... Low Unreviewed
CVE-2025-23338 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvJPEG where a local... Low Unreviewed
CVE-2025-23273 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where an attacker may... Low Unreviewed
CVE-2025-23308 was published Sep 24, 2025
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in cuobjdump where an attacker may... Low Unreviewed
CVE-2025-23339 was published Sep 24, 2025
An authentication bypass vulnerability exists in multiple WSO2 products when FIDO authentication... Low Unreviewed
CVE-2025-0672 was published Sep 23, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Alex Content Mask allows... Low Unreviewed
CVE-2025-58012 was published Sep 22, 2025
Missing Authorization vulnerability in codepeople CP Multi View Event Calendar allows Exploiting... Low Unreviewed
CVE-2025-58009 was published Sep 22, 2025
A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown... Low Unreviewed
CVE-2025-10778 was published Sep 22, 2025
A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the... Low Unreviewed
CVE-2025-10767 was published Sep 22, 2025
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local... Low Unreviewed
CVE-2023-21470 was published Sep 19, 2025
Improper access control vulnerability in SLocation prior to SMR Apr-2022 Release 1 allows local... Low Unreviewed
CVE-2023-21469 was published Sep 19, 2025
PureVPN client applications on Linux through September 2025 mishandle firewalling. They flush the... Low Unreviewed
CVE-2025-59692 was published Sep 19, 2025
PureVPN client applications on Linux through September 2025 allow IPv6 traffic to leak outside... Low Unreviewed
CVE-2025-59691 was published Sep 19, 2025
In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming... Low Unreviewed
CVE-2025-30187 was published Sep 18, 2025
CISA Thorium does not properly invalidate previously used tokens when resetting passwords. An... Low Unreviewed
CVE-2025-35433 was published Sep 17, 2025
CISA Thorium does not validate TLS certificates when connecting to Elasticsearch. An... Low Unreviewed
CVE-2025-35434 was published Sep 17, 2025
In Alludo MindManager before 25.0.208 on Windows, attackers could potentially execute code as... Low Unreviewed
CVE-2025-30075 was published Sep 16, 2025
psPAS PowerShell module does not explicitly enforce TLS 1.2 within the 'Get-PASSAMLResponse'... Low Unreviewed
CVE-2025-59270 was published Sep 16, 2025
There is an an information disclosure vulnerability in ZTE T5400. Due to improper configuration... Low Unreviewed
CVE-2025-26710 was published Sep 16, 2025
The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value... Low Unreviewed
CVE-2025-59437 was published Sep 16, 2025
The ip (aka node-ip) package through 2.0.1 (in NPM) might allow SSRF because the IP address value... Low Unreviewed
CVE-2025-59436 was published Sep 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database