Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

172 advisories

Loading
An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1,... Moderate Unreviewed
CVE-2017-0211 was published May 13, 2022
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be... Moderate Unreviewed
CVE-2017-15269 was published May 13, 2022
Agent-to-controller security bypass vulnerability in Jenkins BMC Compuware Source Code Download for Endevor, PDS, and ISPW Plugin Moderate
CVE-2022-43423 was published for com.compuware.jenkins:compuware-scm-downloader (Maven) Oct 19, 2022
NotMyFault
Agent-to-controller security bypass vulnerabilities in Jenkins Compuware Topaz for Total Test Plugin High
CVE-2022-43428 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
NotMyFault
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists... High Unreviewed
CVE-2025-2875 was published May 14, 2025
HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability. An attacker can... High Unreviewed
CVE-2024-42168 was published Jan 11, 2025
In certain highly specific configurations of the host system and MongoDB server binary... Moderate Unreviewed
CVE-2024-8207 was published Aug 27, 2024
External control of file name or path in Microsoft Defender for Endpoint allows an authorized... Moderate Unreviewed
CVE-2025-26684 was published May 13, 2025
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed
CVE-2020-36772 was published Jan 22, 2024
A vulnerability, which was classified as problematic, has been found in ywoa up to 2024.07.03.... Moderate Unreviewed
CVE-2025-1225 was published Feb 12, 2025
A vulnerability, which was classified as problematic, has been found in Fengoffice Feng Office 3... Moderate Unreviewed
CVE-2025-5877 was published Jun 9, 2025
The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-6691 was published Jul 9, 2025
A vulnerability was found in Jinher OA 1.0 and classified as problematic. Affected by this issue... Moderate Unreviewed
CVE-2025-7523 was published Jul 13, 2025
A vulnerability was found in Jinher OA 1.2. It has been declared as problematic. This... Moderate Unreviewed
CVE-2025-7823 was published Jul 19, 2025
Sitecore Experience Platform (XP) prior to 8.0 Initial Release (rev. 141212) and Content... Moderate Unreviewed
CVE-2015-10142 was published Jul 25, 2025
A vulnerability was found in Jinher OA 1.1. It has been rated as problematic. This issue affects... Moderate Unreviewed
CVE-2025-7824 was published Jul 19, 2025
In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user... Moderate Unreviewed
CVE-2025-26417 was published Aug 27, 2025
In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to... Moderate Unreviewed
CVE-2025-0082 was published Aug 27, 2025
Local privilege escalation due to improper soft link handling. The following products are... High Unreviewed
CVE-2025-48963 was published Aug 28, 2025
A vulnerability was found in Jinher OA up to 1.2. This impacts an unknown function of the file ... Moderate Unreviewed
CVE-2025-10092 was published Sep 8, 2025
A vulnerability has been found in Jinher OA up to 1.2. This affects an unknown function of the... Moderate Unreviewed
CVE-2025-10091 was published Sep 8, 2025
A server-side request forgery security issue exists within Rockwell Automation ThinManager®... High Unreviewed
CVE-2025-9065 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database