Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

240,253 advisories

Loading
An Improper Control of a Resource Through its Lifetime vulnerability in the routing protocol... High Unreviewed
CVE-2025-21593 was published Jan 9, 2025
A Missing Release of Memory after Effective Lifetime vulnerability in the Juniper Tunnel Driver ... High Unreviewed
CVE-2025-21599 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22813 was published Jan 9, 2025
An Improper Handling of Exceptional Conditions vulnerability in the command-line processing of... Moderate Unreviewed
CVE-2025-21596 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22827 was published Jan 9, 2025
An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the command-line... Moderate Unreviewed
CVE-2025-21592 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22824 was published Jan 9, 2025
An Out-of-Bounds Read vulnerability in the routing protocol daemon (rpd) of Juniper Networks... High Unreviewed
CVE-2025-21600 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22822 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22823 was published Jan 9, 2025
An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd)... High Unreviewed
CVE-2025-21602 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22826 was published Jan 9, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-22508 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22803 was published Jan 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... Critical Unreviewed
CVE-2025-22540 was published Jan 9, 2025
Deserialization of Untrusted Data vulnerability in Konrad Karpieszuk WC Price History for Omnibus... High Unreviewed
CVE-2025-22510 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-22539 was published Jan 9, 2025
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')... High Unreviewed
CVE-2025-22537 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22801 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22810 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22809 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22815 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22812 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22808 was published Jan 9, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... Moderate Unreviewed
CVE-2025-22821 was published Jan 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database