Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,857
Maven
5,000+
npm
4,488
NuGet
780
pip
4,243
Pub
12
RubyGems
975
Rust
1,095
Swift
49
Unreviewed advisories
All unreviewed
5,000+

20 advisories

Loading
Leak of information via Store-API Critical
GHSA-f2vv-h5x4-57gr was published for shopware/platform (Composer) Feb 10, 2021
A vulnerability in Cisco Webex Meetings Desktop App and Webex Productivity Tools for Windows... Moderate Unreviewed
CVE-2021-1372 was published May 24, 2022
A vulnerability classified as problematic was found in SourceCodester Best Online News Portal 1.0... Moderate Unreviewed
CVE-2023-0785 was published Feb 12, 2023
A vulnerability in the History API of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed
CVE-2022-20747 was published Apr 16, 2022
A vulnerability in the scanning engines of Cisco AsyncOS Software for Cisco Secure Web Appliance... Moderate Unreviewed
CVE-2023-20215 was published Aug 4, 2023
WAVLINK WN551K1'live_check.shtml enables attackers to obtain sensitive router information. Moderate Unreviewed
CVE-2024-38897 was published Jun 24, 2024
WAVLINK WN551K1'live_mfg.shtml enables attackers to obtain sensitive router information. Moderate Unreviewed
CVE-2024-38895 was published Jun 24, 2024
An issue in Wavlink WN551K1 allows a remote attacker to obtain sensitive information via the... Moderate Unreviewed
CVE-2024-38892 was published Jun 24, 2024
The pmpro-member-directory WordPress plugin before 1.2.6 does not prevent users with at least the... Moderate Unreviewed
CVE-2024-1287 was published Jul 30, 2024
A vulnerability in the password change feature of Cisco Firepower Management Center (FMC)... Moderate Unreviewed
CVE-2024-20388 was published Oct 23, 2024
Cleartext Storage of Sensitive Information vulnerability in Finrota Netahsilat allows Retrieve... High Unreviewed
CVE-2024-6400 was published Oct 4, 2024
Exposure of Sensitive Information Through Data Queries vulnerability in Drupal RESTful Web... High Unreviewed
CVE-2024-13255 was published Jan 9, 2025
Dell Wyse Management Suite, versions prior to WMS 5.1, contains an Exposure of Sensitive... High Unreviewed
CVE-2025-29981 was published Apr 2, 2025
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Exposure of Sensitive... High Unreviewed
CVE-2025-36575 was published Jun 10, 2025
A vulnerability in the API endpoints for Cisco DNA Center could allow an authenticated, remote... Moderate Unreviewed
CVE-2021-34782 was published May 24, 2022
Possible ORM Leak Vulnerability in the Harbor Moderate
CVE-2025-30086 was published for github.com/goharbor/harbor (Go) Jul 23, 2025
DragonFly vulnerable to arbitrary file read and write on a peer machine Moderate
CVE-2025-59352 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi
Credited to gaius-qi
phpMyFAQ has unauthenticated config backup download via /api/setup/backup High
CVE-2025-69200 was published for thorsten/phpmyfaq (Composer) Dec 30, 2025
eclipse07077-ljw
Credited to eclipse07077-ljw
AIOHTTP vulnerable to brute-force leak of internal static file path components Low
CVE-2025-69226 was published for aiohttp (pip) Jan 5, 2026
ThomasRinsma
Credited to ThomasRinsma
Unauthenticated Craft CMS users can trigger a database backup High
CVE-2025-68456 was published for craftcms/cms (Composer) Jan 5, 2026
h4x0r-dz
Credited to h4x0r-dz
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database