Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

299 advisories

Loading
An issue was discovered in ExonautWeb in 4C Strategies Exonaut 21.6. There are verbose error... Critical Unreviewed
CVE-2025-46658 was published Aug 5, 2025
loginok.html in Wing FTP Server before 7.4.4 discloses the full local installation path of the... Moderate Unreviewed
CVE-2025-47813 was published Jul 10, 2025
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-37524 was published Jul 10, 2025
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2025-36090 was published Jul 10, 2025
Improper error handling vulnerability in versions prior to 4.7.0 of Quiter Gateway by Quiter.... Moderate Unreviewed
CVE-2025-40718 was published Jul 8, 2025
In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose SQL error messages on creadb... High Unreviewed
CVE-2025-44203 was published Jun 20, 2025
HCL DRYiCE MyXalytics is impacted by an improper error handling vulnerability. The application... Low Unreviewed
CVE-2023-50348 was published Jan 3, 2024
A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support.... Moderate Unreviewed
CVE-2022-0563 was published Feb 22, 2022
IBM Verify Identity Access Digital Credentials 24.06 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-56342 was published Jun 6, 2025
IBM Security Guardium 12.0 could allow a remote attacker to obtain sensitive information when a... Moderate Unreviewed
CVE-2025-25025 was published May 28, 2025
User enumeration vulnerability in M3M Printer Server Web. This issue occurs during user... Moderate Unreviewed
CVE-2025-40653 was published May 26, 2025
Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which... Moderate Unreviewed
CVE-2025-41441 was published May 26, 2025
In affected versions of Octopus Deploy it is possible to reveal the Space ID of spaces that the... Moderate Unreviewed
CVE-2022-2760 was published Sep 29, 2022
An administrator could discover another account's credentials. Moderate Unreviewed
CVE-2025-46746 was published May 12, 2025
In affected versions of Octopus Server it is possible to reveal the existence of resources in a... Moderate Unreviewed
CVE-2022-2508 was published Oct 27, 2022
When a Web User without Create permission on subfolders attempts to upload a file to a non... Low Unreviewed
CVE-2025-0049 was published Apr 28, 2025
There is an information disclosure vulnerability in the GoldenDB database product. Attackers can... Moderate Unreviewed
CVE-2025-46575 was published Apr 27, 2025
IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a... Moderate Unreviewed
CVE-2025-25045 was published Apr 24, 2025
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of... Low Unreviewed
CVE-2022-20525 was published Dec 20, 2022
Nextcloud Server before 9.0.52 & ownCloud Server before 9.0.4 are vulnerable to a log pollution... Moderate Unreviewed
CVE-2016-9459 was published May 13, 2022
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of... Moderate Unreviewed
CVE-2017-0885 was published May 13, 2022
A vulnerability in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to... Moderate Unreviewed
CVE-2025-20150 was published Apr 16, 2025
When importing resources using Web Workers, error messages would distinguish the difference... Moderate Unreviewed
CVE-2022-22760 was published Dec 22, 2022
Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP... Moderate Unreviewed
CVE-2010-3332 was published May 13, 2022
An issue has been discovered in GitLab EE affecting all versions from 17.1 before 17.8.7, 17.9... Moderate Unreviewed
CVE-2024-11129 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database