Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,688
Erlang
34
GitHub Actions
27
Go
2,274
Maven
5,000+
npm
3,931
NuGet
706
pip
3,697
Pub
12
RubyGems
919
Rust
956
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,775 advisories

Loading
NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace. High Unreviewed
CVE-2025-32983 was published Apr 25, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File Accessible Without Proper... High Unreviewed
CVE-2025-32986 was published Apr 25, 2025
Moodle allows unauthenticated REST API user data exposure High
CVE-2025-32044 was published for moodle/moodle (Composer) Apr 25, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed
CVE-2025-23174 was published Apr 21, 2025
An information disclosure vulnerability in the component /socket.io/1/websocket/ of Soundcraft Ui... High Unreviewed
CVE-2025-28235 was published Apr 18, 2025
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-3698 was published Apr 16, 2025
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). ... High Unreviewed
CVE-2025-30724 was published Apr 15, 2025
Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an... High Unreviewed
CVE-2025-29805 was published Apr 8, 2025
The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for... High Unreviewed
CVE-2024-13604 was published Apr 7, 2025
Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics High
CVE-2023-27591 was published for miniflux.app (Go) Apr 2, 2025
40826d fguillot
The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-13567 was published Apr 1, 2025
Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting... High Unreviewed
CVE-2025-26009 was published Mar 26, 2025
Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter... High Unreviewed
CVE-2025-26001 was published Mar 26, 2025
Directus's webhook trigger flows can leak sensitive data High
CVE-2025-30353 was published for directus (npm) Mar 26, 2025
dzevs
Frappe vulnerable to information disclosure leading to account takeover High
CVE-2025-30214 was published for frappe (pip) Mar 25, 2025
yeuchimse
Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations... High Unreviewed
CVE-2024-8055 was published Mar 20, 2025
In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows... High Unreviewed
CVE-2024-6842 was published Mar 20, 2025
In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed
CVE-2024-11031 was published Mar 20, 2025
Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13... High Unreviewed
CVE-2025-2277 was published Mar 13, 2025
Prototype Pollution Vulnerability in parse-git-config High
CVE-2025-25975 was published for parse-git-config (npm) Mar 12, 2025
Malayke
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... High Unreviewed
CVE-2025-24071 was published Mar 11, 2025
An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0... High Unreviewed
CVE-2023-40723 was published Mar 11, 2025
com.xwiki.confluencepro:application-confluence-migrator-pro-ui's application homepage is public High
CVE-2025-27604 was published for com.xwiki.confluencepro:application-confluence-migrator-pro-ui (Maven) Mar 7, 2025
Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows unauthenticated attackers... High Unreviewed
CVE-2025-26167 was published Mar 6, 2025
Information disclosure may occur due to improper permission and access controls to Video... High Unreviewed
CVE-2024-53011 was published Mar 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database