Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

178 advisories

Loading
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in... Moderate Unreviewed
CVE-2026-20629 was published Feb 12, 2026
EVE Doesn't Protect Config Partition with Measured Boot Moderate
CVE-2023-43634 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
EVE's Debug Functions Unlockable Without Triggering Measured Boot Moderate
CVE-2023-43633 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
EVE: SSH as Root Unlockable Without Triggering Measured Boot Moderate
CVE-2023-43631 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
Weblate wlc has insecure API key configuration Moderate
CVE-2026-22251 was published for wlc (pip) Jan 12, 2026
nijel Credited to nijel and Zee99y Zee99y Zee99y
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an... Moderate Unreviewed
CVE-2025-11639 was published Oct 12, 2025
Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows... Moderate Unreviewed
CVE-2025-21045 was published Oct 10, 2025
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local... Moderate Unreviewed
CVE-2025-21041 was published Sep 19, 2025
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and... Moderate Unreviewed
CVE-2025-43203 was published Sep 16, 2025
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT (Quantenna SoC... Moderate Unreviewed
CVE-2025-54083 was published Sep 9, 2025
Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260... Moderate Unreviewed
CVE-2025-25732 was published Aug 26, 2025
An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are... Moderate Unreviewed
CVE-2025-46660 was published Aug 6, 2025
A vulnerability was discovered in the storage policy for certain sets of sensitive credential... Moderate Unreviewed
CVE-2025-37110 was published Jul 31, 2025
An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain... Moderate Unreviewed
CVE-2025-28171 was published Jul 29, 2025
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows... Moderate Unreviewed
CVE-2025-21003 was published Jul 8, 2025
The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms... Moderate Unreviewed
CVE-2025-42979 was published Jul 8, 2025
The TeleMessage service through 2025-05-05 implements authentication through a long-lived... Moderate Unreviewed
CVE-2025-48929 was published May 28, 2025
Serialized configuration information may be disclosed during device commissioning while using... Moderate Unreviewed
CVE-2024-13954 was published May 22, 2025
CWE-922: Insecure Storage of Sensitive Information vulnerability exists that could potentially... Moderate Unreviewed
CVE-2025-2440 was published Apr 9, 2025
Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to... Moderate Unreviewed
CVE-2025-20945 was published Apr 8, 2025
Insecure information storage vulnerability in NTFS Tools version 3.5.1. Exploitation of this... Moderate Unreviewed
CVE-2025-2489 was published Mar 18, 2025
Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Release 1 allows local... Moderate Unreviewed
CVE-2025-20912 was published Mar 6, 2025
in OpenHarmony v5.0.2 and prior versions allow a local attacker cause information leak through... Moderate Unreviewed
CVE-2025-21098 was published Mar 4, 2025
The connection string visible to users with access to FRSCore database on Foreseer Reporting... Moderate Unreviewed
CVE-2025-22492 was published Feb 28, 2025
Inclusion of sensitive information in test code in softsim TA prior to SMR Jan-2025 Release 1... Moderate Unreviewed
CVE-2025-20886 was published Feb 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database