Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,464
Erlang
33
GitHub Actions
22
Go
2,163
Maven
5,000+
npm
3,821
NuGet
696
pip
3,502
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

104,667 advisories

Loading
A Denial of Service (DoS) vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS... High Unreviewed
CVE-2025-0114 was published Mar 12, 2025
Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F... High Unreviewed
CVE-2024-26290 was published Mar 12, 2025
A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices... High Unreviewed
CVE-2025-0117 was published Mar 12, 2025
Ruby SAML allows a SAML authentication bypass due to namespace handling (parser differential) High
CVE-2025-25292 was published for ruby-saml (RubyGems) Mar 12, 2025
p-
Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential) High
CVE-2025-25291 was published for ruby-saml (RubyGems) Mar 12, 2025
ahacker1-securesaml
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses High
CVE-2025-25293 was published for ruby-saml (RubyGems) Mar 12, 2025
p-
Cosmos SDK: x/group can halt when erroring in EndBlocker High
GHSA-47ww-ff84-4jrg was published for github.com/cosmos/cosmos-sdk (Go) Mar 12, 2025
A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software... High Unreviewed
CVE-2025-20209 was published Mar 12, 2025
An issue in dtp.ae tNexus Airport View v.2.8 allows a remote attacker to escalate privileges via... High Unreviewed
CVE-2025-25711 was published Mar 12, 2025
A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000... High Unreviewed
CVE-2025-20146 was published Mar 12, 2025
CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass... High Unreviewed
CVE-2025-0813 was published Mar 12, 2025
Improper link resolution before file access in the Nomad module of the 1E Client, in versions... High Unreviewed
CVE-2025-1683 was published Mar 12, 2025
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed
CVE-2025-20138 was published Mar 12, 2025
A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in... High Unreviewed
CVE-2025-20115 was published Mar 12, 2025
A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy... High Unreviewed
CVE-2025-20142 was published Mar 12, 2025
Unquoted Search Path or Element vulnerability in OpenText™ Service Manager.  The vulnerability... High Unreviewed
CVE-2025-0884 was published Mar 12, 2025
A vulnerability in the handling of specific packets that are punted from a line card to a route... High Unreviewed
CVE-2025-20141 was published Mar 12, 2025
Out-of-bounds Read in Ruby JSON Parser High
CVE-2025-27788 was published for json (RubyGems) Mar 12, 2025
SmallRye Fault Tolerance out-of-memory (OOM) issue High
CVE-2025-2240 was published for io.smallrye:smallrye-fault-tolerance-core (Maven) Mar 12, 2025
An issue in dtp.ae tNexus Airport View v.2.8 allows a remote attacker to escalate privileges via... High Unreviewed
CVE-2025-25709 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free... High Unreviewed
CVE-2025-21858 was published Mar 12, 2025
The Review Schema plugin for WordPress is vulnerable to Local File Inclusion in all versions up... High Unreviewed
CVE-2025-1707 was published Mar 12, 2025
Samsung SmartThings Improper Verification of Cryptographic Signature Authentication Bypass... High Unreviewed
CVE-2025-2233 was published Mar 12, 2025
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct... High Unreviewed
CVE-2022-49623 was published Mar 12, 2025
Rembg CORS misconfiguration High
CVE-2025-25302 was published for rembg (pip) Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database