Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

269 advisories

Loading
Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers... Critical Unreviewed
CVE-2025-8699 was published Sep 12, 2025
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and... Moderate Unreviewed
CVE-2025-43203 was published Sep 16, 2025
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT (Quantenna SoC... Moderate Unreviewed
CVE-2025-54083 was published Sep 9, 2025
Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information... High Unreviewed
CVE-2025-53507 was published Aug 29, 2025
An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are... Moderate Unreviewed
CVE-2025-46660 was published Aug 6, 2025
A vulnerability was discovered in the storage policy for certain sets of sensitive credential... Moderate Unreviewed
CVE-2025-37110 was published Jul 31, 2025
An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain... Moderate Unreviewed
CVE-2025-28171 was published Jul 29, 2025
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows... Moderate Unreviewed
CVE-2025-21003 was published Jul 8, 2025
Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows... High Unreviewed
CVE-2025-28244 was published Jul 10, 2025
The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms... Moderate Unreviewed
CVE-2025-42979 was published Jul 8, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21211 was published Oct 15, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin... Moderate Unreviewed
CVE-2023-5879 was published Jan 3, 2024
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-3678 was published Apr 26, 2024
`bhyveload -h <host-path>` may be used to grant loader access to the <host-path> directory tree... Moderate Unreviewed
CVE-2024-25940 was published Feb 15, 2024
The TeleMessage service through 2025-05-05 implements authentication through a long-lived... Moderate Unreviewed
CVE-2025-48929 was published May 28, 2025
Serialized configuration information may be disclosed during device commissioning while using... Moderate Unreviewed
CVE-2024-13954 was published May 22, 2025
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in... Low Unreviewed
CVE-2024-23217 was published Jan 23, 2024
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4... Moderate Unreviewed
CVE-2022-28170 was published Oct 26, 2022
This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS... Low Unreviewed
CVE-2022-32867 was published Nov 2, 2022
Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the... High Unreviewed
CVE-2025-45242 was published May 5, 2025
Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to... High Unreviewed
CVE-2025-46627 was published May 2, 2025
An issue existed with the file paths used to store website data. The issue was resolved by... Moderate Unreviewed
CVE-2022-32833 was published Dec 15, 2022
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where... Moderate Unreviewed
CVE-2017-16560 was published May 13, 2022
** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the... High Unreviewed
CVE-2023-41965 was published Sep 18, 2023
Logins saved by Firefox should be managed by the Password Manager component which uses encryption... Low Unreviewed
CVE-2022-42931 was published Dec 22, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database