Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

24,308 advisories

Loading
In endCallForSubscriber of PhoneInterfaceManager.java, there is a possible way to prevent access... Critical Unreviewed
CVE-2017-13322 was published Jan 18, 2025
A new feature to prevent Firmware downgrades was recently added to some Lexmark products. A... Critical Unreviewed
CVE-2023-50738 was published Jan 17, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2024-13502 was published Jan 17, 2025
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Newtec... Critical Unreviewed
CVE-2024-13503 was published Jan 17, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Harsh iSpring Embedder allows Upload a Web... Critical Unreviewed
CVE-2025-23922 was published Jan 16, 2025
Cross-Site Request Forgery (CSRF) vulnerability in Mike Selander WP Options Editor allows... Critical Unreviewed
CVE-2025-23797 was published Jan 16, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter... Critical Unreviewed
CVE-2024-57581 was published Jan 16, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter... Critical Unreviewed
CVE-2024-57579 was published Jan 16, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in... Critical Unreviewed
CVE-2024-57582 was published Jan 16, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in... Critical Unreviewed
CVE-2024-57580 was published Jan 16, 2025
An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210... Critical Unreviewed
CVE-2024-57684 was published Jan 16, 2025
JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the... Critical Unreviewed
CVE-2024-57768 was published Jan 16, 2025
Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above.... Critical Unreviewed
CVE-2025-0471 was published Jan 16, 2025
The airPASS from NetVision Information has a SQL Injection vulnerability, allowing... Critical Unreviewed
CVE-2025-0455 was published Jan 16, 2025
The airPASS from NetVision Information has a Missing Authentication vulnerability, allowing... Critical Unreviewed
CVE-2025-0456 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a stack overflow via the pppUserName parameter in the... Critical Unreviewed
CVE-2025-22916 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the... Critical Unreviewed
CVE-2025-22913 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter... Critical Unreviewed
CVE-2025-22905 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName... Critical Unreviewed
CVE-2025-22906 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the... Critical Unreviewed
CVE-2025-22907 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed
CVE-2025-22912 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the... Critical Unreviewed
CVE-2025-22904 was published Jan 16, 2025
Crayfish allows Remote Code Execution via Homarus Authorization header Critical
GHSA-mm6v-68qp-f9fw was published for islandora/crayfish (Composer) Jan 15, 2025
seth-shaw-asu adam-vessey
HI-SCAN 6040i Hitrax HX-03-19-I was discovered to contain hardcoded credentials for access to... Critical Unreviewed
CVE-2024-48126 was published Jan 15, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and... Critical Unreviewed
CVE-2024-44136 was published Jan 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database