GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,737
Maven: 5,000+
npm: 4,337
NuGet: 764
pip: 4,112
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106,517 advisories
A vulnerability exists in the SecOps SOAR server. The custom integrations feature allowed an...
High | Unreviewed | CVE-2025-13428 was published Dec 9, 2025

NULL Pointer Dereference vulnerability in ravynsoft ravynos. This issue affects ravynos: through 0...
High | Unreviewed | CVE-2025-14309 was published Dec 9, 2025

The Login Security, FireWall, Malware removal by CleanTalk plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2025-13604 was published Dec 9, 2025

The Social Reviews & Recommendations plugin for WordPress is vulnerable to Stored Cross-Site...
High | Unreviewed | CVE-2025-12705 was published Dec 9, 2025

SQL Injection in Frappe HelpDesk in the dashboard get_dashboard_data due to unsafe concatenation...
High | Unreviewed | CVE-2025-10655 was published Dec 9, 2025

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The DHCP...
High | Unreviewed | CVE-2024-56835 was published Dec 9, 2025

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Code...
High | Unreviewed | CVE-2024-56839 was published Dec 9, 2025

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Under...
High | Unreviewed | CVE-2024-56840 was published Dec 9, 2025

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). Due to...
High | Unreviewed | CVE-2024-56837 was published Dec 9, 2025

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). During...
High | Unreviewed | CVE-2024-56836 was published Dec 9, 2025

A vulnerability has been identified in RUGGEDCOM ROX II family (All versions < V2.17.0). The SCEP...
High | Unreviewed | CVE-2024-56838 was published Dec 9, 2025

The Litmus platform uses JWT for authentication and authorization, but the secret being used for...
High | Unreviewed | CVE-2025-14261 was published Dec 8, 2025

In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access...
High | Unreviewed | CVE-2025-48625 was published Dec 8, 2025

In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a...
High | Unreviewed | CVE-2025-48621 was published Dec 8, 2025

In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear...
High | Unreviewed | CVE-2025-48606 was published Dec 8, 2025

In validateIconUserBoundary of PrintManagerService.java, there is a possible cross-user image...
High | Unreviewed | CVE-2025-48628 was published Dec 8, 2025

In multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper...
High | Unreviewed | CVE-2025-48624 was published Dec 8, 2025

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service...
High | Unreviewed | CVE-2025-48631 was published Dec 8, 2025

In init_pkvm_hyp_vcpu of pkvm.c, there is a possible out of bounds write due to improper input...
High | Unreviewed | CVE-2025-48623 was published Dec 8, 2025

In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a...
High | Unreviewed | CVE-2025-48633 was published Dec 8, 2025

In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become...
High | Unreviewed | CVE-2025-48629 was published Dec 8, 2025

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to...
High | Unreviewed | CVE-2025-48627 was published Dec 8, 2025

In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations...
High | Unreviewed | CVE-2025-48632 was published Dec 8, 2025

In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input...
High | Unreviewed | CVE-2025-48638 was published Dec 8, 2025

In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer...
High | Unreviewed | CVE-2025-48637 was published Dec 8, 2025
ProTip! Advisories are also available from the GraphQL API.