Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,491 advisories

Loading
Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a... High Unreviewed
CVE-2024-22022 was published Feb 7, 2024
The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object... High Unreviewed
CVE-2023-50872 was published Apr 16, 2024
An isolated local disclosure of information and potential isolated local arbitrary code execution... High Unreviewed
CVE-2022-28638 was published Sep 21, 2022
Exposure of private personal information to an unauthorized actor in the user vaults component of... High Unreviewed
CVE-2025-5334 was published May 29, 2025
An unauthenticated remote attacker can access information about running processes via the SNMP... High Unreviewed
CVE-2025-41654 was published May 26, 2025
Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private... High Unreviewed
CVE-2018-10596 was published May 13, 2022
An issue in Zalo v23.09.01 allows attackers to obtain sensitive user information via a crafted... High Unreviewed
CVE-2024-53359 was published May 20, 2025
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the... High Unreviewed
CVE-2019-1019 was published May 24, 2022
VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41230 was published May 20, 2025
The Wise Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2024-13613 was published May 17, 2025
A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf... High Unreviewed
CVE-2025-3877 was published May 14, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... High Unreviewed
CVE-2025-31207 was published May 13, 2025
The issue was addressed with improved handling of caches. This issue is fixed in macOS Sequoia 15... High Unreviewed
CVE-2025-31256 was published May 13, 2025
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 18.5 and... High Unreviewed
CVE-2025-31225 was published May 13, 2025
Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This... High Unreviewed
CVE-2025-0472 was published Jan 16, 2025
Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that... High Unreviewed
CVE-2022-30556 was published Jun 10, 2022
The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to... High Unreviewed
CVE-2022-42977 was published Nov 15, 2022
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper... High Unreviewed
CVE-2025-32986 was published Apr 25, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. High Unreviewed
CVE-2025-32983 was published Apr 25, 2025
An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th... High Unreviewed
CVE-2022-28607 was published Dec 1, 2022
An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui... High Unreviewed
CVE-2025-28235 was published Apr 18, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2025-23174 was published Apr 21, 2025
Open Ticket Request System (OTRS) 4.0.x before 4.0.28, 5.0.x before 5.0.26, and 6.0.x before 6.0... High Unreviewed
CVE-2017-17476 was published May 13, 2022
Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by... High Unreviewed
CVE-2017-3194 was published May 13, 2022
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing... High Unreviewed
CVE-2017-1000410 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database