Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET.... High Unreviewed
CVE-2025-30038 was published Aug 27, 2025
PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user... Low Unreviewed
CVE-2025-8713 was published Aug 14, 2025
Information disclosure while accessing and modifying the PIB file of a remote device via powerline. High Unreviewed
CVE-2025-47324 was published Aug 6, 2025
In Dradis before 4.11.0, the Output Console shows a job queue that may contain information about... Low Unreviewed
CVE-2023-50458 was published Jul 10, 2025
LiteLLM Has a Leakage of Langfuse API Keys High
CVE-2025-0330 was published for litellm (pip) Mar 20, 2025
An information disclosure vulnerability exists in the latest version of transformeroptimus... Moderate Unreviewed
CVE-2024-9447 was published Mar 20, 2025
In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and... High Unreviewed
CVE-2024-9099 was published Mar 20, 2025
Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a... Moderate Unreviewed
CVE-2025-1921 was published Mar 5, 2025
Moodle's non-searchable tags can still be discovered on the tag search page and in the tags block Moderate
CVE-2025-26527 was published for moodle/moodle (Composer) Feb 24, 2025
The RomethemeKit For Elementor plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-10324 was published Jan 24, 2025
Expired and unusable administrator authentication tokens can be revealed by units that have timed... Moderate Unreviewed
CVE-2024-47517 was published Jan 11, 2025
Dell NativeEdge, version(s) 2.1.0.0, contain(s) an Exposure of Sensitive Information Through... High Unreviewed
CVE-2024-53291 was published Dec 25, 2024
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the... Moderate Unreviewed
CVE-2024-49395 was published Nov 12, 2024
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2024-8910 was published Sep 25, 2024
In mintplex-labs/anything-llm versions up to and including 1.5.3, an issue was discovered where... Moderate Unreviewed
CVE-2024-5213 was published Jun 20, 2024
Dell PowerScale OneFS, 8.2.x-9.5.0.x, contains an information disclosure vulnerability in NFS. A... Moderate Unreviewed
CVE-2023-32488 was published Aug 16, 2023
Answer vulnerable to Exposure of Sensitive Information Through Metadata Moderate
CVE-2023-1974 was published for github.com/answerdev/answer (Go) Apr 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database