GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,028
Composer 5,080
Erlang 39
GitHub Actions 38
Go 2,750
Maven 6,169
npm 4,353
NuGet 765
pip 4,114
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,587

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

142 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Protection Mechanism Failure of Software Downgrade in Zoom Rooms for Windows before 6.6.0 may... High Unreviewed

CVE-2025-67460 was published Dec 10, 2025

Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism failure in which critical... High Unreviewed

CVE-2025-34413 was published Dec 9, 2025

Protection mechanism failure in the UEFI firmware for the Slim Bootloader within firmware may... High Unreviewed

CVE-2025-35968 was published Nov 11, 2025

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ARD. The flaw exists... High Unreviewed

CVE-2025-55886 was published Sep 22, 2025

A vulnerability in the HPE Aruba Networking SD-WAN Gateways could allow an unauthenticated remote... High Unreviewed

CVE-2025-37124 was published Sep 17, 2025

This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunderbird < 143, and Thunderbird... High Unreviewed

CVE-2025-10528 was published Sep 16, 2025

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... High Unreviewed

CVE-2025-43330 was published Sep 16, 2025

In onHandleForceStop of VoiceInteractionManagerService.java, there is a bug that could cause the... High Unreviewed

CVE-2025-26444 was published Sep 5, 2025

In multiple functions of LocationProviderManager.java, there is a possible background activity... High Unreviewed

CVE-2025-26458 was published Sep 5, 2025

In parseHtml of HtmlToSpannedParser.java, there is a possible way to install apps without... High Unreviewed

CVE-2025-26443 was published Sep 5, 2025

In getComponentName of AccessibilitySettingsUtils.java, there is a possible way to for a... High Unreviewed

CVE-2025-26439 was published Sep 4, 2025

In setupAccessibilityServices of AccessibilityFragment.java, there is a possible way to hide an... High Unreviewed

CVE-2025-26431 was published Sep 4, 2025

In getDefaultCBRPackageName of CellBroadcastHandler.java, there is a possible escalation of... High Unreviewed

CVE-2025-48534 was published Sep 4, 2025

In getCallingPackageName of CredentialStorage, there is a possible permission bypass due to a... High Unreviewed

CVE-2025-48531 was published Sep 4, 2025

In setDisplayName of AssociationRequest.java, there is a possible way for an app to retain CDM... High Unreviewed

CVE-2025-48522 was published Sep 4, 2025

In checkPermissions of SafeActivityOptions.java, there is a possible background activity launch... High Unreviewed

CVE-2025-48546 was published Sep 4, 2025

In multiple locations, there is a possible way to hijack the Launcher app due to a logic error in... High Unreviewed

CVE-2025-0089 was published Sep 4, 2025

In executeAppFunction of AppSearchManagerService.java, there is a possible background activity... High Unreviewed

CVE-2025-26464 was published Sep 4, 2025

In showDismissibleKeyguard of KeyguardService.java, there is a possible way to bypass app pinning... High Unreviewed

CVE-2025-32331 was published Sep 4, 2025

In gxp_mapping_create of gxp_mapping.c, there is a possible privilege escalation due to a logic... High Unreviewed

CVE-2025-36905 was published Sep 4, 2025

There is a possible escalation of privilege due to a logic error in the code. This could lead to... High Unreviewed

CVE-2025-36898 was published Sep 4, 2025

XSLT document loading did not correctly propagate the source document which bypassed its CSP.... High Unreviewed

CVE-2025-8032 was published Jul 22, 2025

Emerson ValveLink products do not use or incorrectly uses a protection mechanism that provides ... High Unreviewed

CVE-2025-46358 was published Jul 11, 2025

Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a... High Unreviewed

CVE-2025-49740 was published Jul 8, 2025

Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an... High Unreviewed

CVE-2025-47159 was published Jul 8, 2025

Previous1…6 Next

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

142 advisories