GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,950
Erlang: 39
GitHub Actions: 38
Go: 2,603
Maven: 5,000+
npm: 4,250
NuGet: 755
pip: 4,013
Pub: 12
RubyGems: 953
Rust: 1,048
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

3,035 advisories

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime...
Critical, Unreviewed: CVE-2025-60554 was published Oct 24, 2025

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime...
Critical, Unreviewed: CVE-2025-60553 was published Oct 24, 2025

D-Link DIR600L Ax FW116WWb01 was discovered to contain a buffer overflow via the curTime...
Critical, Unreviewed: CVE-2025-60548 was published Oct 24, 2025

binary_vec_io access memory out-of-bounds in binary_read_to_ref and binary_write_from_ref
High: GHSA-wwxp-hxh6-8gf8 was published for binary_vec_io (Rust) Oct 22, 2025

Multiple buffer overflows in the AdvSetMacMtuWan function of Tenda AC6 v.15.03.06.50 allows...
High, Unreviewed: CVE-2025-60343 was published Oct 22, 2025

Multiple buffer overflows in the SetClientState function of Tenda AC6 v.15.03.06.50 allows...
High, Unreviewed: CVE-2025-60340 was published Oct 22, 2025

NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Critical: CVE-2025-54469 was published for github.com/neuvector/neuvector (Go) Oct 21, 2025

In the Linux kernel, the following vulnerability has been resolved: mmc: core: use sysfs_emit()...
High, Unreviewed: CVE-2022-49267 was published Oct 21, 2025

When an iRule using an ILX::call command is configured on a virtual server, undisclosed traffic...
High, Unreviewed: CVE-2025-53474 was published Oct 15, 2025

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This...
High, Unreviewed: CVE-2025-20709 was published Oct 14, 2025

The websocket handler is vulnerable to a denial of service condition. An unauthenticated remote...
Moderate, Unreviewed: CVE-2025-41707 was published Oct 14, 2025

The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker...
Moderate, Unreviewed: CVE-2025-41706 was published Oct 14, 2025

A Buffer Copy without Checking Size of Input vulnerability in the Session Initialization...
High, Unreviewed: CVE-2025-52960 was published Oct 9, 2025

memory corruption while processing an image encoding completion event.
High, Unreviewed: CVE-2025-47341 was published Oct 9, 2025

SPDK is vulnerable to buffer overflow in the NVMe-oF target component
Moderate: CVE-2025-57275 was published for spdk (pip) Oct 1, 2025

Wavlink M86X3A_V240730 contains a buffer overflow vulnerability in the /cgi-bin/ExportAllSettings...
High, Unreviewed: CVE-2025-55847 was published Sep 26, 2025

libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand),...
High, Unreviewed: CVE-2025-57632 was published Sep 25, 2025

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA)...
Critical, Unreviewed: CVE-2025-20333 was published Sep 25, 2025

A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an...
Moderate, Unreviewed: CVE-2025-20149 was published Sep 24, 2025

Memory corruption while performing private key encryption in trusted application.
High, Unreviewed: CVE-2025-21481 was published Sep 24, 2025

Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.
High, Unreviewed: CVE-2025-21476 was published Sep 24, 2025

A buffer overflow vulnerability in Novakon P series allows attackers to gain root permission...
Critical, Unreviewed: CVE-2025-9962 was published Sep 23, 2025

A maliciously crafted PRT file, when parsed through certain Autodesk products, can force a Memory...
High, Unreviewed: CVE-2025-8892 was published Sep 22, 2025

A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affected by this vulnerability...
High, Unreviewed: CVE-2025-10666 was published Sep 18, 2025

A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26....
Moderate, Unreviewed: CVE-2025-43370 was published Sep 16, 2025
        
ProTip! Advisories are also available from the GraphQL API