Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

95,203 advisories

Loading
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the  CP210 VCP Win 2k ... High Unreviewed
CVE-2024-9494 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Dev Kit ... High Unreviewed
CVE-2024-9496 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress Win 98SE... High Unreviewed
CVE-2024-9499 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the  ToolStick ... High Unreviewed
CVE-2024-9493 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Flash Programming Utility... High Unreviewed
CVE-2024-9492 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress SDK ... High Unreviewed
CVE-2024-9498 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in the USBXpress 4 SDK ... High Unreviewed
CVE-2024-9497 was published Jan 24, 2025
GPAC MP4box 2.1-DEV-rev574-g9d5bb184b contains a buffer overflow in gf_vvc_read_pps_bs_internal... High Unreviewed
CVE-2022-47090 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Silicon Labs (8-bit) IDE... High Unreviewed
CVE-2024-9490 was published Jan 24, 2025
DLL hijacking vulnerabilities, caused by an uncontrolled search path in Configuration Wizard 2... High Unreviewed
CVE-2024-9491 was published Jan 24, 2025
IBM Cognos Dashboards 4.0.7 and 5.0.0 on Cloud Pak for Data could allow a remote attacker to... High Unreviewed
CVE-2024-41739 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23889 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23888 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23622 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23621 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23737 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23711 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23734 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23837 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23885 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23839 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23838 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22714 was published Jan 24, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-23427 was published Jan 24, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-23422 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database