Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

9,816 advisories

Loading
A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this... Moderate Unreviewed
CVE-2025-9398 was published Aug 25, 2025
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
@musistudio/claude-code-router has improper CORS configuration High
CVE-2025-57755 was published for @musistudio/claude-code-router (npm) Aug 21, 2025
ttttmr
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some... Moderate Unreviewed
CVE-2025-9240 was published Aug 20, 2025
A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed
CVE-2025-20345 was published Aug 20, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2025-9139 was published Aug 19, 2025
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie... High Unreviewed
CVE-2025-7654 was published Aug 19, 2025
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12575 was published Aug 16, 2025
This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3... Moderate Unreviewed
CVE-2025-43201 was published Aug 16, 2025
There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of... Moderate Unreviewed
CVE-2025-26709 was published Aug 15, 2025
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less... Moderate Unreviewed
CVE-2025-8091 was published Aug 15, 2025
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8676 was published Aug 15, 2025
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the... Moderate Unreviewed
CVE-2025-9005 was published Aug 15, 2025
The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its... Moderate Unreviewed
CVE-2025-50862 was published Aug 14, 2025
Information Disclosure in Amazon ECS Container Agent Moderate
CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025
A security issue in the runtime event system allows unauthenticated connections to receive a... High Unreviewed
CVE-2025-9036 was published Aug 14, 2025
In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid... Critical Unreviewed
CVE-2025-27845 was published Aug 14, 2025
Apache Superset data query improperly discloses database schema information to low-privileged guest user Moderate
CVE-2025-55673 was published for apache-superset (pip) Aug 14, 2025
An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service... Critical Unreviewed
CVE-2025-43986 was published Aug 13, 2025
KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi),... High Unreviewed
CVE-2025-43988 was published Aug 13, 2025
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an... High Unreviewed
CVE-2025-53781 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises... Moderate Unreviewed
CVE-2025-53728 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an... Moderate Unreviewed
CVE-2025-53156 was published Aug 12, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-53134 was published Aug 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database