GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
698 advisories
Filter by severity
In Eclipse Mosquitto, from version 1.3.2 through 2.0.18, if a malicious broker sends a crafted...
High
Unreviewed
CVE-2024-10525
was published
Oct 30, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a...
High
Unreviewed
CVE-2024-12179
was published
Dec 17, 2024
A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a...
High
Unreviewed
CVE-2024-12670
was published
Dec 17, 2024
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a...
High
Unreviewed
CVE-2024-12669
was published
Dec 17, 2024
A maliciously crafted DWFX file, when parsed in w3dtk.dll through Autodesk Navisworks, can force...
High
Unreviewed
CVE-2024-7673
was published
Sep 30, 2024
A maliciously crafted DWF file, when parsed in dwfcore.dll through Autodesk Navisworks, can force...
High
Unreviewed
CVE-2024-7674
was published
Sep 30, 2024
Windows Cryptographic Services Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-30020
was published
May 14, 2024
LibVNCServer 0.9.12 release and earlier contains heap buffer overflow vulnerability within the...
High
Unreviewed
CVE-2019-15690
was published
Jan 24, 2025
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2025-21139
was published
Jan 14, 2025
Substance3D - Designer versions 14.0 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2025-21137
was published
Jan 14, 2025
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in...
High
Unreviewed
CVE-2023-50739
was published
Jan 18, 2025
Substance3D - Stager versions 3.0.4 and earlier are affected by a Heap-based Buffer Overflow...
High
Unreviewed
CVE-2025-21129
was published
Jan 14, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High
Unreviewed
CVE-2021-31439
was published
May 24, 2022
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21411
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21417
was published
Jan 14, 2025
Microsoft Access Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21395
was published
Jan 14, 2025
Windows CSC Service Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2025-21378
was published
Jan 14, 2025
Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2025-21333
was published
Jan 14, 2025
Windows Graphics Component Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2025-21382
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21302
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21306
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21409
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21413
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21303
was published
Jan 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
High
Unreviewed
CVE-2025-21305
was published
Jan 14, 2025
ProTip!
Advisories are also available from the
GraphQL API