Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

64 advisories

Loading
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,... Moderate Unreviewed
CVE-2024-20476 was published Nov 6, 2024
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least... High Unreviewed
CVE-2024-23666 was published Nov 12, 2024
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to... Moderate Unreviewed
CVE-2024-6831 was published Nov 26, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API Low
CVE-2024-52008 was published for ethyca-fides (pip) Nov 26, 2024
h0wl andres-torres-marroquin
daveqnet erosselli
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before... High Unreviewed
CVE-2024-9844 was published Dec 10, 2024
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length Moderate
CVE-2025-23041 was published for Umbraco.Forms (NuGet) Jan 14, 2025
RGV2ZWxvcGVy
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM... Moderate Unreviewed
CVE-2024-49824 was published Jan 18, 2025
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet... Moderate Unreviewed
CVE-2024-52960 was published Mar 11, 2025
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a... Moderate Unreviewed
CVE-2023-0704 was published Feb 7, 2023
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When... Moderate Unreviewed
CVE-2025-32359 was published Apr 5, 2025
W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their... High Unreviewed
CVE-2025-32808 was published Apr 11, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... Critical Unreviewed
CVE-2025-27681 was published Mar 5, 2025
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX... Moderate Unreviewed
CVE-2017-14013 was published May 13, 2022
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the... High Unreviewed
CVE-2025-42601 was published Apr 23, 2025
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows... Moderate Unreviewed
CVE-2025-1838 was published May 3, 2025
Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62... Moderate Unreviewed
CVE-2022-3310 was published Nov 2, 2022
Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62... High Unreviewed
CVE-2022-3308 was published Nov 2, 2022
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed
CVE-2025-28168 was published May 5, 2025
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4527 was published May 11, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33024 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33025 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-32469 was published May 13, 2025
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote... High Unreviewed
CVE-2025-20113 was published May 21, 2025
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed... Moderate Unreviewed
CVE-2022-3047 was published Sep 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database