GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
44 advisories
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a...
Moderate
Unreviewed
CVE-2026-3941
was published
Mar 12, 2026
The Spin Wheel plugin for WordPress is vulnerable to client-side prize manipulation in all...
Moderate
Unreviewed
CVE-2026-0808
was published
Jan 17, 2026
IBM Db2 Intelligence Center 1.1.0, 1.1.1, 1.1.2 could allow an authenticated user to perform...
Moderate
Unreviewed
CVE-2025-14687
was published
Dec 26, 2025
The Hydra Booking — Appointment Scheduling & Booking Calendar plugin for WordPress is vulnerable...
Moderate
Unreviewed
CVE-2025-12788
was published
Nov 11, 2025
IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an attacker to...
Moderate
Unreviewed
CVE-2025-36093
was published
Nov 3, 2025
Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a...
Moderate
Unreviewed
CVE-2025-41402
was published
Oct 23, 2025
Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing...
Moderate
Unreviewed
CVE-2025-56694
was published
Aug 27, 2025
A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0....
Moderate
Unreviewed
CVE-2025-8792
was published
Aug 10, 2025
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform...
Moderate
Unreviewed
CVE-2025-36039
was published
Jul 31, 2025
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate
Unreviewed
CVE-2024-41751
was published
Jul 23, 2025
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate
Unreviewed
CVE-2024-41750
was published
Jul 23, 2025
IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to...
Moderate
Unreviewed
CVE-2025-27367
was published
Jul 8, 2025
Improper access control in the certificate management component of Ivanti Connect Secure before...
Moderate
Unreviewed
CVE-2025-5450
was published
Jul 8, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows...
Moderate
Unreviewed
CVE-2025-43699
was published
Jun 10, 2025
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If...
Moderate
Unreviewed
CVE-2025-47697
was published
May 30, 2025
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic....
Moderate
Unreviewed
CVE-2025-4527
was published
May 11, 2025
Out-of-bounds data read vulnerability in the authorization module. Impact: Successful exploitation...
Moderate
Unreviewed
CVE-2025-46591
was published
May 6, 2025
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The...
Moderate
Unreviewed
CVE-2025-28168
was published
May 5, 2025
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows...
Moderate
Unreviewed
CVE-2025-1838
was published
May 3, 2025
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When...
Moderate
Unreviewed
CVE-2025-32359
was published
Apr 5, 2025
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet...
Moderate
Unreviewed
CVE-2024-52960
was published
Mar 11, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM...
Moderate
Unreviewed
CVE-2024-49824
was published
Jan 18, 2025
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
Moderate
CVE-2025-23041
was published for Umbraco.Forms (NuGet)
Jan 14, 2025
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to...
Moderate
Unreviewed
CVE-2024-6831
was published
Nov 26, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20476
was published
Nov 6, 2024