GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,694
Maven: 5,000+
npm: 4,321
NuGet: 761
pip: 4,097
Pub: 12
RubyGems: 958
Rust: 1,063
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
4,774 advisories
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_check_log_client_array in...
Moderate | Unreviewed | CVE-2022-30789 was published May 27, 2022

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_mft_rec_alloc in NTFS-3G...
Moderate | Unreviewed | CVE-2022-30788 was published May 27, 2022

A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through...
Moderate | Unreviewed | CVE-2022-30784 was published May 27, 2022

A crafted NTFS image can cause a heap-based buffer overflow in ntfs_names_full_collate in NTFS-3G...
Moderate | Unreviewed | CVE-2022-30786 was published May 27, 2022

Improper input validation in the BitstreamWriter::write_bits() function of Tempus Ex hello-video...
Moderate | Unreviewed | CVE-2025-63095 was published Dec 1, 2025

IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse...
Moderate | Unreviewed | CVE-2025-36114 was published Aug 20, 2025

Improper Input Validation vulnerability in CyberArk CyberArk Secure Web Sessions Extension on...
Moderate | Unreviewed | CVE-2025-13762 was published Nov 27, 2025

An improper input validation in the Security Dashboard ignored-tasks API of Devolutions Server...
Moderate | Unreviewed | CVE-2025-11958 was published Oct 22, 2025

In the previous mitigations for Spectre, the resolution or precision of various methods was...
Moderate | Unreviewed | CVE-2018-12367 was published May 14, 2022

Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the...
Moderate | Unreviewed | CVE-2017-7825 was published May 14, 2022

On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will...
Moderate | Unreviewed | CVE-2017-7791 was published May 14, 2022

Characters from the "Canadian Syllabics" unicode block can be mixed with characters from other...
Moderate | Unreviewed | CVE-2017-7764 was published May 14, 2022

URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger...
Moderate | Unreviewed | CVE-2017-5383 was published May 14, 2022

A mechanism to spoof the addressbar through the user interaction on the addressbar and the ...
Moderate | Unreviewed | CVE-2017-5451 was published May 14, 2022

Default fonts on OS X display some Tibetan characters as whitespace. When used in the addressbar...
Moderate | Unreviewed | CVE-2017-7763 was published May 14, 2022

The Mozilla Updater can be made to choose an arbitrary target working directory for output files...
Moderate | Unreviewed | CVE-2016-5294 was published May 14, 2022

When the Mozilla Updater is run, if the Updater's log file in the working directory points to a...
Moderate | Unreviewed | CVE-2016-5293 was published May 14, 2022

NVIDIA DGX Spark GB10 contains a vulnerability in OSROOT firmware, where an attacker could cause...
Moderate | Unreviewed | CVE-2025-33191 was published Nov 25, 2025

A same-origin policy bypass with local shortcut files to load arbitrary local content from disk....
Moderate | Unreviewed | CVE-2016-5291 was published May 14, 2022

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple...
Moderate | Unreviewed | CVE-2025-11936 was published Nov 22, 2025

The Booking Plugin for WordPress Appointments – Time Slot plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-12842 was published Nov 19, 2025

Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via...
Moderate | Unreviewed | CVE-2025-63397 was published Nov 11, 2025

A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information...
Moderate | Unreviewed | CVE-2025-5680 was published Jun 5, 2025

A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information...
Moderate | Unreviewed | CVE-2025-5679 was published Jun 5, 2025
ProTip! Advisories are also available from the GraphQL API.