GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed (5,000+); Composer (4,856); Erlang (36); GitHub Actions (36); Go (2,486); Maven (5,000+); npm (4,104); NuGet (735); pip (3,918); Pub (12); RubyGems (945); Rust (1,017); Swift (39)
Unreviewed advisories: All unreviewed (5,000+)
12,392 advisories
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low | Unreviewed | CVE-2025-9325 was published Sep 2, 2025
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low | Unreviewed | CVE-2025-9324 was published Sep 2, 2025
Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low | Unreviewed | CVE-2025-9323 was published Sep 2, 2025
Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This...
  Low | Unreviewed | CVE-2025-9327 was published Sep 2, 2025
rocket.chat Incorrect Authorization Information Disclosure Vulnerability. This vulnerability...
  Low | Unreviewed | CVE-2025-7974 was published Sep 2, 2025
Realtek RTL8811AU rtwlanu.sys N6CQueryInformationHandleCustomized11nOids Out-Of-Bounds Read...
  Low | Unreviewed | CVE-2025-8298 was published Sep 2, 2025
MobSF Path Traversal in GET /download/<filename> using absolute filenames
  Low | CVE-2025-58161 was published for mobsf (pip) Sep 2, 2025
A security vulnerability has been detected in Tenda W12 up to 3.0.0.6(3948). Affected is an...
  Low | Unreviewed | CVE-2025-9778 was published Sep 2, 2025
A vulnerability was determined in Tenda AC9 15.03.05.19. The impacted element is an unknown...
  Low | Unreviewed | CVE-2025-9731 was published Aug 31, 2025
Tracing logging user input may result in poisoning logs with ANSI escape sequences
  Low | CVE-2025-58160 was published for tracing-subscriber (Rust) Aug 29, 2025
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker...
  Low | Unreviewed | CVE-2025-44015 was published Aug 29, 2025
A buffer overflow vulnerability has been reported to affect several QNAP operating system...
  Low | Unreviewed | CVE-2025-30265 was published Aug 29, 2025
A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If a remote...
  Low | Unreviewed | CVE-2024-12923 was published Aug 29, 2025
Opencast has a partial path traversal vulnerability in UI config
  Low | CVE-2025-55202 was published for org.opencastproject:opencast-user-interface-configuration (Maven) Aug 29, 2025
Exiv2 has quadratic performance in ICC profile parsing in JpegBase::readMetadata
  Low | CVE-2025-55304 was published for Exiv2 (pip) Aug 29, 2025
Exiv2 Segmentation Faults in Exiv2::EpsImage::writeMetadata() via crafted EPS file
  Low | CVE-2025-54080 was published for Exiv2 (pip) Aug 29, 2025
Erroneously using an all-zero seed for RSA-OAEP padding instead of the generated random bytes, in...
  Low | Unreviewed | CVE-2025-9071 was published Aug 29, 2025
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS...
  Low | Unreviewed | CVE-2025-43255 was published Aug 29, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app...
  Low | Unreviewed | CVE-2024-44271 was published Aug 29, 2025
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious...
  Low | Unreviewed | CVE-2025-48979 was published Aug 29, 2025
A vulnerability was determined in Cudy WR1200EA 2.3.7-20250113-121810. Affected is an unknown...
  Low | Unreviewed | CVE-2025-9589 was published Aug 29, 2025
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an...
  Low | Unreviewed | CVE-2025-9577 was published Aug 28, 2025
Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token
  Low | GHSA-3rw9-wmc8-8948 was published for github.com/coder/coder/v2 (Go) Aug 28, 2025
A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown...
  Low | Unreviewed | CVE-2025-9576 was published Aug 28, 2025
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is...
  Low | Unreviewed | CVE-2025-51643 was published Aug 28, 2025
ProTip! Advisories are also available from the GraphQL API.