Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,973
NuGet
715
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9,620 advisories

Loading
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions... Moderate Unreviewed
CVE-2025-4798 was published Jun 11, 2025
Script elements loading cross-origin resources generated load and error events which leaked... Moderate Unreviewed
CVE-2025-5266 was published May 27, 2025
When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the... High Unreviewed
CVE-2025-26521 was published Jun 11, 2025
BackendAI vulnerable to Exposure of Sensitive Information to an Unauthorized Actor High
CVE-2025-49653 was published for backend.ai (pip) Jun 9, 2025
A remote unauthorized attacker may gather sensitive information of the application, due to... High Unreviewed
CVE-2025-49184 was published Jun 12, 2025
The created backup files are unencrypted, making the application vulnerable for gathering... Moderate Unreviewed
CVE-2025-49200 was published Jun 12, 2025
The issue was addressed with additional restrictions on the observability of app states. This... Moderate Unreviewed
CVE-2023-42829 was published Jan 11, 2024
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5... Moderate Unreviewed
CVE-2023-42888 was published Jan 23, 2024
An issue in Cleaning_makotoya mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43994 was published Jan 24, 2024
A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not... Moderate Unreviewed
CVE-2025-49177 was published Jun 17, 2025
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is... Low Unreviewed
CVE-2025-6199 was published Jun 17, 2025
This issue was addressed with improved data protection. This issue is fixed in macOS Sonoma 14.... Moderate Unreviewed
CVE-2023-40411 was published Jan 11, 2024
This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may... Moderate Unreviewed
CVE-2023-41987 was published Jan 11, 2024
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14,... Moderate Unreviewed
CVE-2023-40385 was published Jan 11, 2024
An issue in mimasaka_farm mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-48135 was published Jan 26, 2024
An issue in CHIGASAKI BAKERY mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-48131 was published Jan 26, 2024
HCL DRYiCE MyXalytics is impacted by an information disclosure vulnerability. Certain endpoints... Low Unreviewed
CVE-2023-50346 was published Jan 3, 2024
Jizhicms v2.5 was discovered to contain an arbitrary file download vulnerability via the... Critical Unreviewed
CVE-2023-51154 was published Jan 4, 2024
Withdrawn Advisory: Helm shows secrets in clear text Moderate
CVE-2019-25210 was published for helm.sh/helm/v3 (Go) Mar 3, 2024 withdrawn
oscerd
Passbolt Browser Extension leaks password information Moderate
CVE-2024-33669 was published for passbolt-browser-extension (npm) Apr 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database