GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,952
Erlang: 39
GitHub Actions: 38
Go: 2,612
Maven: 5,000+
npm: 4,252
NuGet: 760
pip: 4,027
Pub: 12
RubyGems: 953
Rust: 1,049
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
113,330 advisories
Cross-Site Scripting (XSS) vulnerability in Checkmk's distributed monitoring allows a compromised...
High | Unreviewed | CVE-2025-39663 was published Oct 30, 2025

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote...
High | Unreviewed | CVE-2025-53880 was published Oct 30, 2025

A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client...
High | Unreviewed | CVE-2025-62230 was published Oct 30, 2025

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension...
High | Unreviewed | CVE-2025-62229 was published Oct 30, 2025

A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds...
High | Unreviewed | CVE-2025-62231 was published Oct 30, 2025

On affected platforms, restricted users could use SSH port forwarding to access host-internal...
High | Unreviewed | CVE-2025-54546 was published Oct 30, 2025

On affected platforms, a restricted user could break out of the CLI sandbox to the system shell...
High | Unreviewed | CVE-2025-54545 was published Oct 30, 2025

Prior to September 19, 2025, the Hospital Manager Backend Services exposed the ASP.NET tracing...
High | Unreviewed | CVE-2025-54459 was published Oct 30, 2025

LangGraph SQLite Checkpoint Filter Key SQL Injection POC for SqliteStore
High | CVE-2025-64104 was published for langgraph-checkpoint-sqlite (pip) Oct 29, 2025

Zitadel May Bypass Second Authentication Factor
High | CVE-2025-64103 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025

Zitadel allows brute-forcing authentication factors
High | CVE-2025-64102 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025

ZITADEL Vulnerable to Account Takeover via Malicious Forwarded Header Injection
High | CVE-2025-64101 was published for github.com/zitadel/zitadel/v2 (Go) Oct 29, 2025

MLflow Weak Password Requirements Authentication Bypass Vulnerability. This vulnerability allows...
High | Unreviewed | CVE-2025-11200 was published Oct 29, 2025

Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution...
High | Unreviewed | CVE-2025-11464 was published Oct 29, 2025

Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-11463 was published Oct 29, 2025

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability....
High | Unreviewed | CVE-2025-11201 was published Oct 29, 2025

Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-11465 was published Oct 29, 2025

Razer Synapse 3 RazerPhilipsHueUninstall Link Following Local Privilege Escalation Vulnerability....
High | Unreviewed | CVE-2025-9870 was published Oct 29, 2025

GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-10934 was published Oct 29, 2025

GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-10920 was published Oct 29, 2025

GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-10922 was published Oct 29, 2025

GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-10921 was published Oct 29, 2025

GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2025-10924 was published Oct 29, 2025

GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2025-10925 was published Oct 29, 2025

GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability...
High | Unreviewed | CVE-2025-10923 was published Oct 29, 2025
ProTip! Advisories are also available from the GraphQL API.