Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,314 advisories

Loading
Improper input validation in the AMD Graphics Driver could allow an attacker to supply a... High Unreviewed
CVE-2024-36352 was published Sep 6, 2025
Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections... High Unreviewed
CVE-2024-36326 was published Sep 6, 2025
Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker... High Unreviewed
CVE-2024-36354 was published Sep 6, 2025
Improper input validation in the system management mode (SMM) could allow a privileged attacker... High Unreviewed
CVE-2024-21947 was published Sep 6, 2025
Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow... High Unreviewed
CVE-2024-36342 was published Sep 6, 2025
Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to... High Unreviewed
CVE-2023-31325 was published Sep 6, 2025
Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability... High Unreviewed
CVE-2023-31322 was published Sep 6, 2025
A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat... High Unreviewed
CVE-2025-10034 was published Sep 6, 2025
An authenticated attacker may remotely execute arbitrary code via the CWMP binary on the devices... High Unreviewed
CVE-2025-9961 was published Sep 6, 2025
The Cloud SAML SSO plugin for WordPress is vulnerable to unauthorized modification of data due to... High Unreviewed
CVE-2025-7040 was published Sep 6, 2025
The Multi Step Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2025-9515 was published Sep 6, 2025
The The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is... High Unreviewed
CVE-2025-7366 was published Sep 6, 2025
ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15... High Unreviewed
CVE-2025-58439 was published Sep 6, 2025
Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker... High Unreviewed
CVE-2021-26383 was published Sep 6, 2025
Coder vulnerable to privilege escalation could lead to a cross workspace compromise High
CVE-2025-58437 was published for github.com/coder/coder/v2 (Go) Sep 5, 2025
johnstcn
On-Chip Debug and Test Interface With Improper Access Control and Improper Protection against... High Unreviewed
CVE-2025-9709 was published Sep 5, 2025
Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player allows... High Unreviewed
CVE-2025-48104 was published Sep 5, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-57889 was published Sep 5, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-58206 was published Sep 5, 2025
Path Traversal vulnerability in Stefan Keller WooCommerce Payment Gateway for Saferpay allows... High Unreviewed
CVE-2025-48317 was published Sep 5, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-58214 was published Sep 5, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-53307 was published Sep 5, 2025
Some payload elements of the messages sent between two stations in a networking architecture are... High Unreviewed
CVE-2025-9999 was published Sep 5, 2025
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air... High Unreviewed
CVE-2025-30199 was published Sep 5, 2025
In System UI, there is a possible way to view other users' images due to a confused deputy. This... High Unreviewed
CVE-2025-32320 was published Sep 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database