Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,894 advisories

Loading
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a... High Unreviewed
CVE-2024-6174 was published Jun 26, 2025
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper... High Unreviewed
CVE-2025-49851 was published Jun 24, 2025
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects... Low Unreviewed
CVE-2025-6524 was published Jun 23, 2025
An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The... Critical Unreviewed
CVE-2024-45347 was published Jun 23, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It identifies itself as a... Critical Unreviewed
CVE-2025-32877 was published Jun 20, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no... High Unreviewed
CVE-2025-32879 was published Jun 20, 2025
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing... Critical Unreviewed
CVE-2025-32875 was published Jun 20, 2025
Permission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk... Critical Unreviewed
CVE-2025-6172 was published Jun 16, 2025
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to... Moderate Unreviewed
CVE-2025-6083 was published Jun 13, 2025
Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion... Low Unreviewed
CVE-2024-38822 was published Jun 13, 2025
Salt's salt.auth.pki module does not properly authenticate callers Moderate
CVE-2024-38825 was published for salt (pip) Jun 13, 2025
Salt has minion event bus authorization bypass vulnerability High
CVE-2025-22236 was published for salt (pip) Jun 13, 2025
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration High
CVE-2025-49146 was published for org.postgresql:postgresql (Maven) Jun 11, 2025
jawj
A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as... Moderate Unreviewed
CVE-2025-5985 was published Jun 11, 2025
Erxes Incorrect Access Control vulnerability High
CVE-2024-57190 was published for erxes (npm) Jun 10, 2025
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This... Moderate Unreviewed
CVE-2025-5906 was published Jun 10, 2025
An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate... Moderate Unreviewed
CVE-2025-29627 was published Jun 9, 2025
A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC... Moderate Unreviewed
CVE-2025-5876 was published Jun 9, 2025
A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as... Moderate Unreviewed
CVE-2025-5872 was published Jun 9, 2025
A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-5871 was published Jun 9, 2025
A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical.... Moderate Unreviewed
CVE-2025-5870 was published Jun 9, 2025
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains... Moderate Unreviewed
CVE-2024-13088 was published Jun 6, 2025
Bypass vulnerability in the device management channel Impact: Successful exploitation of this... High Unreviewed
CVE-2025-48909 was published Jun 6, 2025
Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows... Critical Unreviewed
CVE-2025-5597 was published Jun 4, 2025
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1... Moderate Unreviewed
CVE-2025-5512 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database