Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,536 advisories

Loading
Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint.... High Unreviewed
CVE-2025-55976 was published Sep 10, 2025
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby... High Unreviewed
CVE-2025-36759 was published Sep 10, 2025
An issue in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) allows a remote attacker to obtain... High Unreviewed
CVE-2025-29089 was published Sep 9, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an... High Unreviewed
CVE-2025-55243 was published Sep 9, 2025
Information disclosure High Unreviewed
CVE-2025-36895 was published Sep 4, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore... High Unreviewed
CVE-2025-53694 was published Sep 3, 2025
The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2024-13807 was published Aug 28, 2025
SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information... High Unreviewed
CVE-2023-7308 was published Aug 28, 2025
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable... High Unreviewed
CVE-2025-29992 was published Aug 26, 2025
Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental... High Unreviewed
CVE-2023-47799 was published Aug 25, 2025
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie... High Unreviewed
CVE-2025-7654 was published Aug 19, 2025
A security issue in the runtime event system allows unauthenticated connections to receive a... High Unreviewed
CVE-2025-9036 was published Aug 14, 2025
KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi),... High Unreviewed
CVE-2025-43988 was published Aug 13, 2025
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an... High Unreviewed
CVE-2025-53781 was published Aug 12, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-53134 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... High Unreviewed
CVE-2025-50154 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an... High Unreviewed
CVE-2025-33051 was published Aug 12, 2025
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to... High Unreviewed
CVE-2025-3831 was published Aug 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2025-40768 was published Aug 12, 2025
An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. Information disclosure can... High Unreviewed
CVE-2025-46659 was published Aug 6, 2025
Electrolink FM/DAB/TV Transmitter Web Management System Unauthorized access vulnerability via the... High Unreviewed
CVE-2025-51040 was published Aug 6, 2025
A vulnerability affecting the scanning module in Emsisoft Anti-Malware prior to 2024.12 allows... High Unreviewed
CVE-2025-29745 was published Aug 5, 2025
An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2025-45620 was published Jul 30, 2025
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 -... High Unreviewed
CVE-2020-36850 was published Jul 25, 2025
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow... High Unreviewed
CVE-2025-31955 was published Jul 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database