Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,925
Maven
5,000+
npm
4,578
NuGet
786
pip
4,290
Pub
12
RubyGems
979
Rust
1,112
Swift
49
Unreviewed advisories
All unreviewed
5,000+

309 advisories

Loading
EVE Doesn't Protect Config Partition with Measured Boot Moderate
CVE-2023-43634 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
EVE's Debug Functions Unlockable Without Triggering Measured Boot Moderate
CVE-2023-43633 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
EVE: SSH as Root Unlockable Without Triggering Measured Boot Moderate
CVE-2023-43631 was published for github.com/lf-edge/eve (Go) Feb 4, 2026
A security issue was discovered within the legacy ADI server component of Verve Asset Manager,... High Unreviewed
CVE-2025-14376 was published Jan 20, 2026
Weblate wlc has insecure API key configuration Moderate
CVE-2026-22251 was published for wlc (pip) Jan 12, 2026
nijel Zee99y
Credited to nijel and Zee99y
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve... High Unreviewed
CVE-2025-10971 was published Dec 2, 2025
The TNC Toolbox: Web Performance plugin for WordPress is vulnerable to Sensitive Information... Critical Unreviewed
CVE-2025-12539 was published Nov 11, 2025
A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Low Unreviewed
CVE-2025-11644 was published Oct 12, 2025
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. The impacted element is an... Moderate Unreviewed
CVE-2025-11639 was published Oct 12, 2025
Insecure storage of sensitive information in Galaxy Watch prior to SMR Oct-2025 Release 1 allows... Moderate Unreviewed
CVE-2025-21045 was published Oct 10, 2025
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local... Moderate Unreviewed
CVE-2025-21041 was published Sep 19, 2025
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and... Moderate Unreviewed
CVE-2025-43203 was published Sep 16, 2025
Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers... Critical Unreviewed
CVE-2025-8699 was published Sep 12, 2025
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT (Quantenna SoC... Moderate Unreviewed
CVE-2025-54083 was published Sep 9, 2025
Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information... High Unreviewed
CVE-2025-53507 was published Aug 29, 2025
Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260... Moderate Unreviewed
CVE-2025-25732 was published Aug 26, 2025
An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are... Moderate Unreviewed
CVE-2025-46660 was published Aug 6, 2025
A vulnerability was discovered in the storage policy for certain sets of sensitive credential... Moderate Unreviewed
CVE-2025-37110 was published Jul 31, 2025
An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain... Moderate Unreviewed
CVE-2025-28171 was published Jul 29, 2025
Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows... High Unreviewed
CVE-2025-28244 was published Jul 10, 2025
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows... Moderate Unreviewed
CVE-2025-21003 was published Jul 8, 2025
The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms... Moderate Unreviewed
CVE-2025-42979 was published Jul 8, 2025
The TeleMessage service through 2025-05-05 implements authentication through a long-lived... Moderate Unreviewed
CVE-2025-48929 was published May 28, 2025
Serialized configuration information may be disclosed during device commissioning while using... Moderate Unreviewed
CVE-2024-13954 was published May 22, 2025
Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the... High Unreviewed
CVE-2025-45242 was published May 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database