GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,856
Erlang: 36
GitHub Actions: 36
Go: 2,488
Maven: 5,000+
npm: 4,104
NuGet: 735
pip: 3,923
Pub: 12
RubyGems: 945
Rust: 1,017
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+

111,318 advisories

Due to an unsecure default configuration HTTP is used instead of HTTPS for the web interface. An...
High | Unreviewed | CVE-2025-41708 was published Sep 8, 2025

A low-privileged remote attacker could gain unauthorized access to critical resources, such as...
High | Unreviewed | CVE-2025-41664 was published Sep 8, 2025

An authenticated, low-privileged attacker can obtain credentials stored on the charge controller...
High | Unreviewed | CVE-2025-41682 was published Sep 8, 2025

Improper Authentication vulnerability in Danfoss AKSM8xxA Series. This issue affects Danfoss AK-SM...
High | Unreviewed | CVE-2025-41450 was published May 8, 2025

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52...
High | Unreviewed | CVE-2025-3067 was published Apr 2, 2025

Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local...
High | Unreviewed | CVE-2025-0032 was published Sep 6, 2025

Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow...
High | Unreviewed | CVE-2024-36342 was published Sep 6, 2025

Improper input validation for DIMM serial presence detect (SPD) metadata could allow an attacker...
High | Unreviewed | CVE-2024-36354 was published Sep 6, 2025

Improper input validation in the AMD Graphics Driver could allow an attacker to supply a...
High | Unreviewed | CVE-2024-36352 was published Sep 6, 2025

Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections...
High | Unreviewed | CVE-2024-36326 was published Sep 6, 2025

Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability...
High | Unreviewed | CVE-2023-31322 was published Sep 6, 2025

Improper isolation of shared resources on System-on-a-chip (SOC) could allow a privileged attacker to...
High | Unreviewed | CVE-2023-31325 was published Sep 6, 2025

Improper input validation in the system management mode (SMM) could allow a privileged attacker...
High | Unreviewed | CVE-2024-21947 was published Sep 6, 2025

A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat...
High | Unreviewed | CVE-2025-10034 was published Sep 6, 2025

An authenticated attacker may remotely execute arbitrary code via the CWMP binary on the devices...
High | Unreviewed | CVE-2025-9961 was published Sep 6, 2025

The Cloud SAML SSO plugin for WordPress is vulnerable to unauthorized modification of data due to...
High | Unreviewed | CVE-2025-7040 was published Sep 6, 2025

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized...
High | Unreviewed | CVE-2025-53149 was published Aug 12, 2025

The Multi Step Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High | Unreviewed | CVE-2025-9515 was published Sep 6, 2025

The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is...
High | Unreviewed | CVE-2025-7366 was published Sep 6, 2025

ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15...
High | Unreviewed | CVE-2025-58439 was published Sep 6, 2025

The FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1...
High | Unreviewed | CVE-2014-9198 was published May 14, 2022

Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker...
High | Unreviewed | CVE-2021-26383 was published Sep 6, 2025

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde...
High | Unreviewed | CVE-2014-9197 was published May 17, 2022

Stack-based buffer overflow in an unspecified DLL file in a DTM development kit in Schneider...
High | Unreviewed | CVE-2014-9200 was published May 17, 2022

In saveGlobalProxyLocked of DevicePolicyManagerService.java, there is a possible way to desync...
High | Unreviewed | CVE-2025-48552 was published Sep 4, 2025

ProTip! Advisories are also available from the GraphQL API.