Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,950
Maven
5,000+
npm
4,596
NuGet
787
pip
4,301
Pub
12
RubyGems
982
Rust
1,121
Swift
49
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
A security issue was discovered within the legacy ADI server component of Verve Asset Manager,... High Unreviewed
CVE-2025-14376 was published Jan 20, 2026
Insecure Storage of Sensitive Information vulnerability in MeetMe on iOS, Android allows Retrieve... High Unreviewed
CVE-2025-10971 was published Dec 2, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma... High Unreviewed
CVE-2023-42913 was published Mar 28, 2024
Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information... High Unreviewed
CVE-2025-53507 was published Aug 29, 2025
Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows... High Unreviewed
CVE-2025-28244 was published Jul 10, 2025
Missing permission checks on Hazelcast client protocol High
CVE-2023-45859 was published for com.hazelcast:hazelcast (Maven) Feb 27, 2024
jorditpuig
Credited to jorditpuig
Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the... High Unreviewed
CVE-2025-45242 was published May 5, 2025
Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to... High Unreviewed
CVE-2025-46627 was published May 2, 2025
** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the... High Unreviewed
CVE-2023-41965 was published Sep 18, 2023
Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to... High Unreviewed
CVE-2025-29809 was published Apr 8, 2025
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4... High Unreviewed
CVE-2024-28069 was published Mar 16, 2024
Openshift Hive Exposes VCenter Credentials via ClusterProvision High
CVE-2025-2241 was published for github.com/openshift/hive (Go) Mar 17, 2025
The Export All Posts, Products, Orders, Refunds & Users plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-12315 was published Feb 12, 2025
RuoYi allowed unauthorized attackers to view the session ID of the admin in the system monitoring High
CVE-2024-57436 was published for com.ruoyi:ruoyi (Maven) Jan 29, 2025
An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a... High Unreviewed
CVE-2024-57546 was published Jan 28, 2025
An access control issue in the component /square/getAllSquare/circle of iceCMS v2.2.0 allows... High Unreviewed
CVE-2025-22983 was published Jan 14, 2025
An access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0... High Unreviewed
CVE-2025-22984 was published Jan 14, 2025
Smart Toilet Lab - Motius 1.3.11 is running with debug mode turned on (DEBUG = True) and exposing... High Unreviewed
CVE-2024-56113 was published Jan 9, 2025
Windows Kerberos Security Feature Bypass Vulnerability High Unreviewed
CVE-2025-21299 was published Jan 14, 2025
An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause escalation of... High Unreviewed
CVE-2023-29755 was published Jun 9, 2023
An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause... High Unreviewed
CVE-2023-29757 was published Jun 9, 2023
Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack... High Unreviewed
CVE-2024-37144 was published Dec 10, 2024
Ruijie Reyee OS versions 2.206.x up to but not including 2.320.x could enable an attacker to... High Unreviewed
CVE-2024-47043 was published Dec 6, 2024
An issue in Ruijie NBR3000D-E Gateway allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2024-48783 was published Oct 15, 2024
Insufficient validation performed on the REST API License file in Paxton Net2 before 6.07.14023... High Unreviewed
CVE-2024-48939 was published Nov 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database