GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,150
Maven: 5,000+
npm: 3,815
NuGet: 690
pip: 3,490
Pub: 12
RubyGems: 902
Rust: 900
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
268,242 advisories
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26...
Moderate
Unreviewed
CVE-2025-20913
was published
Mar 6, 2025
Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local...
Moderate
Unreviewed
CVE-2025-20912
was published
Mar 6, 2025
Improper access control in SecSettingsIntelligence prior to SMR Mar-2025 Release 1 allows local...
High
Unreviewed
CVE-2025-20903
was published
Mar 6, 2025
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows...
Moderate
Unreviewed
CVE-2025-20916
was published
Mar 6, 2025
Use of implicit intent for sensitive communication in Settings prior to SMR Mar-2025 Release 1...
Moderate
Unreviewed
CVE-2025-20909
was published
Mar 6, 2025
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71...
Moderate
Unreviewed
CVE-2025-20917
was published
Mar 6, 2025
Out-of-bounds read in appending text paragraph in Samsung Notes prior to version 4.4.26.71 allows...
Moderate
Unreviewed
CVE-2025-20922
was published
Mar 6, 2025
Out-of-bounds read in applying binary of voice content in Samsung Notes prior to version 4.4.26...
Moderate
Unreviewed
CVE-2025-20915
was published
Mar 6, 2025
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26...
Moderate
Unreviewed
CVE-2025-20919
was published
Mar 6, 2025
Versions of the package ray before 2.43.0 are vulnerable to Insertion of Sensitive Information...
Moderate
Unreviewed
CVE-2025-1979
was published
Mar 6, 2025
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows...
Moderate
Unreviewed
CVE-2025-20920
was published
Mar 6, 2025
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows...
Moderate
Unreviewed
CVE-2025-20932
was published
Mar 6, 2025
Out-of-bounds read in parsing wbmp image in Samsung Notes prior to version 4.4.26.71 allows...
Moderate
Unreviewed
CVE-2025-20928
was published
Mar 6, 2025
Golang FIPS OpenSSL has a Use of Uninitialized Variable vulnerability
High
CVE-2024-9355
was published
for
github.com/golang-fips/openssl
(Go)
Oct 1, 2024
Emissary May Use a Broken or Risky Cryptographic Algorithm
High
CVE-2025-27508
was published
for
gov.nsa.emissary:emissary
(Maven)
Mar 5, 2025
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: MGMT: Fix slab...
High
Unreviewed
CVE-2024-58013
was published
Feb 27, 2025
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets...
Unknown
Unreviewed
CVE-2025-27623
was published
Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved:
bfq: Make sure bfqg for...
High
Unreviewed
CVE-2022-49411
was published
Mar 6, 2025
In Jenkins 2.499 and earlier, LTS 2.492.1 and earlier, redirects starting with backslash (`\`)...
Unknown
Unreviewed
CVE-2025-27625
was published
Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved:
drm/msm/disp/dpu1: set vbif...
High
Unreviewed
CVE-2022-49489
was published
Mar 6, 2025
In the Linux kernel, the following vulnerability has been resolved:
block: disable the elevator...
High
Unreviewed
CVE-2022-49694
was published
Mar 6, 2025
Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not redact encrypted values of secrets...
Unknown
Unreviewed
CVE-2025-27622
was published
Mar 6, 2025
A cross-site request forgery (CSRF) vulnerability in Jenkins 2.499 and earlier, LTS 2.492.1 and...
Unknown
Unreviewed
CVE-2025-27624
was published
Mar 6, 2025
In thermal, there is a possible memory corruption due to an uncaught exception. This could lead...
Moderate
Unreviewed
CVE-2023-20628
was published
Mar 7, 2023
Spacy-LLM Server-Side Template Injection (SSTI) vulnerability
High
CVE-2025-25362
was published
for
spacy-llm
(pip)
Mar 5, 2025
Advisories are also available from the GraphQL API.