Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,950 advisories

Loading
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an... High Unreviewed
CVE-2025-33051 was published Aug 12, 2025
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to... High Unreviewed
CVE-2025-3831 was published Aug 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2025-40768 was published Aug 12, 2025
The AuthKit Remix Library renders sensitive auth data in HTML High
CVE-2025-55009 was published for @workos-inc/authkit-remix (npm) Aug 8, 2025
cai0duque Credited to cai0duque
The AuthKit React Router Library rendered sensitive auth data in HTML High
CVE-2025-55008 was published for @workos-inc/authkit-react-router (npm) Aug 8, 2025
An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can... High Unreviewed
CVE-2025-46659 was published Aug 6, 2025
Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the... High Unreviewed
CVE-2025-51040 was published Aug 6, 2025
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows... High Unreviewed
CVE-2025-29745 was published Aug 5, 2025
An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2025-45620 was published Jul 30, 2025
GitProxy Hidden Commits Injection High
CVE-2025-54586 was published for @finos/git-proxy (npm) Jul 30, 2025
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 -... High Unreviewed
CVE-2020-36850 was published Jul 25, 2025
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow... High Unreviewed
CVE-2025-31955 was published Jul 24, 2025
In some cases search terms persisted in the URL bar even after navigating away from the search... High Unreviewed
CVE-2025-8039 was published Jul 22, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... High Unreviewed
CVE-2025-7919 was published Jul 21, 2025
In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as... High Unreviewed
CVE-2025-7394 was published Jul 19, 2025
An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2025-50708 was published Jul 18, 2025
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior... High Unreviewed
CVE-2025-34130 was published Jul 17, 2025
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. High Unreviewed
CVE-2024-51769 was published Jul 14, 2025
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed
CVE-2020-36848 was published Jul 12, 2025
A path traversal vulnerability exists in Riverbed SteelHead VCX appliances (confirmed in VCX255U... High Unreviewed
CVE-2025-34098 was published Jul 10, 2025
An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect... High Unreviewed
CVE-2025-34057 was published Jul 2, 2025
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... High Unreviewed
CVE-2025-49741 was published Jul 2, 2025
Janssen Config API returns results without scope verification High
CVE-2025-53003 was published for io.jans:jans-config-api-server (Maven) Jun 30, 2025
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3... High Unreviewed
CVE-2025-27827 was published Jun 26, 2025
When Multi-Account Containers was enabled, DNS requests could have bypassed a SOCKS proxy when... High Unreviewed
CVE-2025-6432 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database