Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
975
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

31 advisories

Loading
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive... High Unreviewed
CVE-2026-32960 was published Apr 20, 2026
Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables High
CVE-2026-5795 was published for org.eclipse.jetty.ee10:jetty-ee10-jaspi (Maven) Apr 14, 2026
HRsGIT Credited to HRsGIT
Duplicate Advisory: Eclipse Jetty: Early return from the JASPIAuthenticator code can potentially no clear ThreadLocal variables High
GHSA-gc59-r5jq-98qw was published for org.eclipse.jetty.ee10:jetty-ee10 (Maven) Apr 8, 2026 withdrawn
The Semtech LR11xx LoRa transceivers running early versions of firmware contains an information... Moderate Unreviewed
CVE-2025-14858 was published Apr 7, 2026
AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash... Moderate Unreviewed
CVE-2019-25657 was published Apr 5, 2026
OpenClaw: Gateway HTTP /sessions/:sessionKey/kill Reaches Admin Kill Path Without Caller Scope Binding High
GHSA-9p93-7j67-5pc2 was published for openclaw (npm) Mar 27, 2026
zpbrent Credited to zpbrent
Scriban has an authorization bypass due to stale include cache surviving TemplateContext.Reset() High
GHSA-x6m9-38vm-2xhf was published for scriban (NuGet) Mar 24, 2026
Zwique Credited to Zwique
WinAVI iPod/3GP/MP4/PSP Converter 4.4.2 contains a denial of service vulnerability that allows... Moderate Unreviewed
CVE-2019-25645 was published Mar 24, 2026
Ease Audio Converter 5.30 contains a denial of service vulnerability in the Audio Cutter function... Moderate Unreviewed
CVE-2019-25617 was published Mar 22, 2026
MediaMonkey 4.1.23 contains a denial of service vulnerability that allows local attackers to... Moderate Unreviewed
CVE-2019-25571 was published Mar 21, 2026
PCHelpWareV2 1.0.0.5 contains a denial of service vulnerability that allows local attackers to... Moderate Unreviewed
CVE-2019-25563 was published Mar 21, 2026
Lyric Video Creator 2.1 contains a denial of service vulnerability that allows attackers to crash... High Unreviewed
CVE-2019-25560 was published Mar 21, 2026
CEWE PHOTO IMPORTER 6.4.3 contains a denial of service vulnerability that allows local attackers... Moderate Unreviewed
CVE-2019-25553 was published Mar 21, 2026
IBM DB2 Merge Backup for Linux, UNIX and Windows 12.1.0.0 could allow an attacker to access... Moderate Unreviewed
CVE-2025-13108 was published Feb 17, 2026
In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit... Moderate Unreviewed
CVE-2025-0647 was published Jan 14, 2026
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a... Low Unreviewed
CVE-2025-33198 was published Nov 25, 2025
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a... Low Unreviewed
CVE-2025-33200 was published Nov 25, 2025
NVIDIA DGX Spark GB10 contains a vulnerability in SROOT firmware, where an attacker could cause a... Moderate Unreviewed
CVE-2025-33196 was published Nov 25, 2025
Sensitive information uncleared in resource before release for reuse for some Intel(R) NPU... Low Unreviewed
CVE-2025-20622 was published Nov 11, 2025
Potential information leak in bolt protocol handshake in Neo4j Enterprise and Community editions... Moderate Unreviewed
CVE-2025-11602 was published Oct 31, 2025
The Honeywell Experion PKS and OneWireless WDM contains Sensitive Information in Resource... Moderate Unreviewed
CVE-2025-2522 was published Jul 10, 2025
Sensitive information in resource not removed before reuse in some Intel(R) TDX Seamldr module... High Unreviewed
CVE-2024-21850 was published Nov 13, 2024
When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non... Low Unreviewed
CVE-2024-7883 was published Oct 31, 2024
Moodle HTTP authorization header is preserved between "emulated redirects" Moderate
CVE-2024-38275 was published for moodle/moodle (Composer) Jun 18, 2024
SixLabors.ImageSharp vulnerable to data leakage Moderate
CVE-2024-32036 was published for SixLabors.ImageSharp (NuGet) Apr 15, 2024
antonfirsov Credited to antonfirsov
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database