Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,950 advisories

Loading
A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering... High Unreviewed
CVE-2025-39204 was published Jun 24, 2025
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information... High Unreviewed
CVE-2025-27387 was published Jun 23, 2025
DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input High
CVE-2025-52488 was published for DNN.PLATFORM (NuGet) Jun 20, 2025
infosec-au Credited to infosec-au
The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual... High Unreviewed
CVE-2025-23173 was published Jun 19, 2025
A remote unauthorized attacker may gather sensitive information of the application, due to... High Unreviewed
CVE-2025-49184 was published Jun 12, 2025
When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the... High Unreviewed
CVE-2025-26521 was published Jun 11, 2025
BackendAI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor High
CVE-2025-49653 was published for backend.ai (pip) Jun 9, 2025
Yaminyam Credited to Yaminyam
Exposure of private personal information to an unauthorized actor in the user vaults component of... High Unreviewed
CVE-2025-5334 was published May 29, 2025
An unauthenticated remote attacker can access information about running processes via the SNMP... High Unreviewed
CVE-2025-41654 was published May 26, 2025
An issue in Zalo v23.09.01 allows attackers to obtain sensitive user information via a crafted... High Unreviewed
CVE-2024-53359 was published May 20, 2025
VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41230 was published May 20, 2025
The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2024-13613 was published May 17, 2025
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf... High Unreviewed
CVE-2025-3877 was published May 14, 2025
OXID eShop May Display User Information High
CVE-2024-56526 was published for oxid-esales/oxideshop-ce (Composer) May 13, 2025
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15... High Unreviewed
CVE-2025-31256 was published May 13, 2025
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and... High Unreviewed
CVE-2025-31225 was published May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... High Unreviewed
CVE-2025-31207 was published May 13, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. High Unreviewed
CVE-2025-32983 was published Apr 25, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper... High Unreviewed
CVE-2025-32986 was published Apr 25, 2025
Moodle allows unauthenticated REST API user data exposure High
CVE-2025-32044 was published for moodle/moodle (Composer) Apr 25, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2025-23174 was published Apr 21, 2025
An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui... High Unreviewed
CVE-2025-28235 was published Apr 18, 2025
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-3698 was published Apr 16, 2025
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). ... High Unreviewed
CVE-2025-30724 was published Apr 15, 2025
Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an... High Unreviewed
CVE-2025-29805 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database