GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,282
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,105
Rust
1,490
Swift
61
Unreviewed advisories
All unreviewed
5,000+
24 advisories
Filter by severity
A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly...
Moderate
Unreviewed
CVE-2026-14781
was published
Jul 5, 2026
Keycloak Services has Improper Validation of Consistency within Input
Moderate
CVE-2026-9689
was published
for
org.keycloak:keycloak-services
(Maven)
May 27, 2026
In the Linux kernel, the following vulnerability has been resolved:
crypto: algif_aead - Revert...
High
Unreviewed
CVE-2026-31431
was published
Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
drm/amd/display: Do not skip...
High
Unreviewed
CVE-2026-31488
was published
Apr 22, 2026
In the Linux kernel, the following vulnerability has been resolved:
RDMA/mana: Remove user...
High
Unreviewed
CVE-2026-46117
was published
May 28, 2026
In the Linux kernel, the following vulnerability has been resolved:
smb: client: validate the...
High
Unreviewed
CVE-2026-31709
was published
May 1, 2026
A local attacker could cause a full device reset by resetting the device passwords using an...
High
Unreviewed
CVE-2022-50976
was published
Feb 2, 2026
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow...
Moderate
Unreviewed
CVE-2024-5953
was published
Jun 18, 2024
Drupal Reverse Proxy Header allows Manipulating User-Controlled Variables
Moderate
CVE-2025-10929
was published
for
drupal/reverse_proxy_header
(Composer)
Oct 30, 2025
tough root metadata version is not checked for sequential versioning
Moderate
CVE-2025-2885
was published
for
tough
(Rust)
Mar 28, 2025
Improper Input Validation in the Networking Stack of QNX SDP version(s) 6.6, 7.0, and 7.1 could...
High
Unreviewed
CVE-2023-32701
was published
Nov 14, 2023
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Moderate
CVE-2025-46722
was published
for
vllm
(pip)
May 28, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17...
Moderate
Unreviewed
CVE-2024-12093
was published
May 22, 2025
A command injection vulnerability exists in local RACADM. A malicious authenticated user could...
High
Unreviewed
CVE-2024-25951
was published
Mar 9, 2024
prepareUnique index may cause secondaries to crash due to incorrect enforcement of index...
Moderate
Unreviewed
CVE-2024-8305
was published
Oct 21, 2024
An Improper Validation of Consistency within Input vulnerability in the routing protocol daemon ...
High
Unreviewed
CVE-2024-39515
was published
Oct 9, 2024
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high...
Moderate
Unreviewed
CVE-2023-1620
was published
Jun 26, 2023
Multiple WAGO devices in multiple versions may allow an authenticated remote attacker with high...
Moderate
Unreviewed
CVE-2023-1619
was published
Jun 26, 2023
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos...
Moderate
Unreviewed
CVE-2024-27371
was published
Jun 5, 2024
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos...
Moderate
Unreviewed
CVE-2024-27375
was published
Jun 5, 2024
In JetBrains TeamCity before 2024.03 server administrators could remove arbitrary files from the...
Moderate
Unreviewed
CVE-2024-31140
was published
Mar 28, 2024
In JetBrains TeamCity before 2024.03 2FA could be bypassed by providing a special URL parameter
High
Unreviewed
CVE-2024-31136
was published
Mar 28, 2024
Candid infinite decoding loop through specially crafted payload
High
CVE-2023-6245
was published
for
candid
(Rust)
Dec 8, 2023
xmldom allows multiple root nodes in a DOM
Critical
CVE-2022-39353
was published
for
@xmldom/xmldom
(npm)
Nov 1, 2022
ProTip!
Advisories are also available from the
GraphQL API