GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
115,043 advisories
Babylon Nil BlockHash in BLS vote extensions triggers panics in consensus handlers
High | GHSA-m6wq-66p2-c8pc was published for github.com/babylonlabs-io/babylon (Go) | Dec 8, 2025

ZITADEL Vulnerable to Account Takeover via DOM-Based XSS in Zitadel V2 Login
High | CVE-2025-67495 was published for github.com/zitadel/zitadel (Go) | Dec 8, 2025

ZITADEL Vulnerable to Account Takeover Due to Improper Instance Validation in V2 Login
High | GHSA-pfrf-9r5f-73f5 was published for github.com/zitadel/zitadel (Go) | Dec 8, 2025

Csla affected by Remote Code Execution via WcfProxy (NetDataContractSerializer)
High | CVE-2025-66631 was published for Csla (NuGet) | Dec 8, 2025

Critical Use-After-Free in Wasmi's Linear Memory
High | CVE-2025-66627 was published for wasmi (Rust) | Dec 8, 2025

The Litmus platform uses JWT for authentication and authorization, but the secret being used for...
High | Unreviewed | CVE-2025-14261 was published | Dec 8, 2025

In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access...
High | Unreviewed | CVE-2025-48625 was published | Dec 8, 2025

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows...
High | Unreviewed | CVE-2025-65795 was published | Dec 8, 2025

In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations...
High | Unreviewed | CVE-2025-48632 was published | Dec 8, 2025

In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service...
High | Unreviewed | CVE-2025-48631 was published | Dec 8, 2025

In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a...
High | Unreviewed | CVE-2025-48621 was published | Dec 8, 2025

In multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper...
High | Unreviewed | CVE-2025-48624 was published | Dec 8, 2025

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows...
High | Unreviewed | CVE-2025-65797 was published | Dec 8, 2025

In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer...
High | Unreviewed | CVE-2025-48637 was published | Dec 8, 2025

In init_pkvm_hyp_vcpu of pkvm.c, there is a possible out of bounds write due to improper input...
High | Unreviewed | CVE-2025-48623 was published | Dec 8, 2025

In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become...
High | Unreviewed | CVE-2025-48629 was published | Dec 8, 2025

In DefaultTransitionHandler.java, there is a possible way to unknowingly grant permissions to an...
High | Unreviewed | CVE-2025-48639 was published | Dec 8, 2025

In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to...
High | Unreviewed | CVE-2025-48627 was published | Dec 8, 2025

In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a...
High | Unreviewed | CVE-2025-48633 was published | Dec 8, 2025

In validateIconUserBoundary of PrintManagerService.java, there is a possible cross-user image...
High | Unreviewed | CVE-2025-48628 was published | Dec 8, 2025

In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input...
High | Unreviewed | CVE-2025-48638 was published | Dec 8, 2025

In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear...
High | Unreviewed | CVE-2025-48606 was published | Dec 8, 2025

In multiple functions of CertInstaller.java, there is a possible way to install certificates due...
High | Unreviewed | CVE-2025-48575 was published | Dec 8, 2025

In appendFrom of Parcel.cpp, there is a possible out of bounds read due to a missing bounds check...
High | Unreviewed | CVE-2025-48596 was published | Dec 8, 2025

In onActivityResult of EditFdnContactScreen.java, there is a possible way to leak contacts from...
High | Unreviewed | CVE-2025-48586 was published | Dec 8, 2025