Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

64 advisories

Loading
Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing... Moderate Unreviewed
CVE-2025-56694 was published Aug 27, 2025
The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper... High Unreviewed
CVE-2025-6025 was published Aug 15, 2025
A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0.... Moderate Unreviewed
CVE-2025-8792 was published Aug 10, 2025
IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform... Moderate Unreviewed
CVE-2025-36039 was published Jul 31, 2025
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2... Moderate Unreviewed
CVE-2024-41751 was published Jul 23, 2025
IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2... Moderate Unreviewed
CVE-2024-41750 was published Jul 23, 2025
An authentication bypass vulnerability was reported in FileZ client application that could allow... High Unreviewed
CVE-2025-6249 was published Jul 17, 2025
IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to... Moderate Unreviewed
CVE-2025-27367 was published Jul 8, 2025
Improper access control in the certificate management component of Ivanti Connect Secure before... Moderate Unreviewed
CVE-2025-5450 was published Jul 8, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... High Unreviewed
CVE-2025-40591 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Moderate Unreviewed
CVE-2025-43699 was published Jun 10, 2025
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If... Moderate Unreviewed
CVE-2025-47697 was published May 30, 2025
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive... High Unreviewed
CVE-2025-33137 was published May 22, 2025
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote... High Unreviewed
CVE-2025-20113 was published May 21, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-32469 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33024 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33025 was published May 13, 2025
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4527 was published May 11, 2025
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed
CVE-2025-28168 was published May 5, 2025
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows... Moderate Unreviewed
CVE-2025-1838 was published May 3, 2025
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the... High Unreviewed
CVE-2025-42601 was published Apr 23, 2025
W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their... High Unreviewed
CVE-2025-32808 was published Apr 11, 2025
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When... Moderate Unreviewed
CVE-2025-32359 was published Apr 5, 2025
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet... Moderate Unreviewed
CVE-2024-52960 was published Mar 11, 2025
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database