Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

12,395 advisories

Loading
Coder accepts an APIKey beyond the linked OIDC expiry if there is no refresh token Low
GHSA-3rw9-wmc8-8948 was published for github.com/coder/coder/v2 (Go) Aug 28, 2025
spikecurtis
A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Impacted is an unknown... Low Unreviewed
CVE-2025-9576 was published Aug 28, 2025
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is... Low Unreviewed
CVE-2025-51643 was published Aug 28, 2025
Agiloft Release 28 contains an XML External Entities vulnerability in any table that allows ... Low Unreviewed
CVE-2025-35112 was published Aug 27, 2025
ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash Low
CVE-2025-55212 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 26, 2025
amethyst0225 leehohojune
jin-156
A vulnerability was detected in Mihomo Party up to 1.8.1 on macOS. Affected is the function... Low Unreviewed
CVE-2025-9474 was published Aug 26, 2025
On affected platforms running Arista EOS, the global common encryption key configuration may be... Low Unreviewed
CVE-2025-3456 was published Aug 26, 2025
ImageMagick has a heap-buffer-overflow Low
GHSA-fff3-4rp7-px97 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
hardik05
ImageMagick has a Memory Leak in magick stream Low
CVE-2025-53019 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
momo-trip YutoIn
iwashiira utshina
ImageMagick has a Heap Buffer Overflow in InterpretImageFilename Low
CVE-2025-53014 was published for Magick.NET-Q16-AnyCPU (NuGet) Aug 25, 2025
momo-trip iwashiira
utshina on-keyday
A security vulnerability has been detected in FNKvision Y215 CCTV Camera 10.194.120.40. This... Low Unreviewed
CVE-2025-9383 was published Aug 24, 2025
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
Improper Output Neutralization for Logs vulnerability in Apache Log4cxx. When using HTMLLayout,... Low Unreviewed
CVE-2025-54812 was published Aug 22, 2025
DooTask v1.0.51 was dicovered to contain an authenticated arbitrary download vulnerability via... Low Unreviewed
CVE-2025-55455 was published Aug 22, 2025
Rust XCB `xcb::Connection::connect_to_fd*` functions violate I/O safety Low
GHSA-655h-hg88-5qmf was published for xcb (Rust) Aug 22, 2025
UnoPim has CSV Injection on Quick Export feature Low
CVE-2025-55745 was published for unopim/unopim (Composer) Aug 22, 2025
sn1p3rt3s7
Bouncy Castle for Java has Out-of-Bounds Write Vulnerability Low
CVE-2025-9340 was published for org.bouncycastle:bc-fips (Maven) Aug 22, 2025
Liferay Portal Reflected Cross-Site Scripting Vulnerability via Form Container Low
CVE-2025-43753 was published for com.liferay:com.liferay.layout.taglib (Maven) Aug 22, 2025
An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to... Low Unreviewed
CVE-2025-55523 was published Aug 21, 2025
A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an unknown function of the file ... Low Unreviewed
CVE-2025-9309 was published Aug 21, 2025
Mattermost Fails to Properly Validate Team Role Modification Low
CVE-2025-53971 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
Mattermost Server SSRF Vulnerability via the Agents Plugin Low
CVE-2025-47700 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
Mattermost Lack of Access Control Validation Low
CVE-2025-49810 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
wong2 mcp-cli Command Injection Vulnerability Low
CVE-2025-9262 was published for @wong2/mcp-cli (npm) Aug 21, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database