GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,288
Composer 4,638
Erlang 34
GitHub Actions 25
Go 2,249
Maven 5,490
npm 3,903
NuGet 702
pip 3,671
Pub 12
RubyGems 915
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 252,907

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,475 advisories

Filter by severity

Sort by

Least recently updated

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor High Unreviewed

CVE-2025-23174 was published Apr 21, 2025

Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed

CVE-2025-3698 was published Apr 16, 2025

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). ... High Unreviewed

CVE-2025-30724 was published Apr 15, 2025

Exposure of sensitive information to an unauthorized actor in Outlook for Android allows an... High Unreviewed

CVE-2025-29805 was published Apr 8, 2025

The KB Support – Customer Support Ticket & Helpdesk Plugin, Knowledge Base Plugin plugin for... High Unreviewed

CVE-2024-13604 was published Apr 7, 2025

The Awesome Support – WordPress HelpDesk & Support Plugin plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-13567 was published Apr 1, 2025

Telesquare TLR-2005KSH 1.1.4 has an Information Disclosure vulnerability when requesting... High Unreviewed

CVE-2025-26009 was published Mar 26, 2025

Telesquare TLR-2005KSH 1.1.4 is vulnerable to Information Disclosure via the parameter... High Unreviewed

CVE-2025-26001 was published Mar 26, 2025

Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations... High Unreviewed

CVE-2024-8055 was published Mar 20, 2025

In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows... High Unreviewed

CVE-2024-6842 was published Mar 20, 2025

In version 3.83 of binary-husky/gpt_academic, a Server-Side Request Forgery (SSRF) vulnerability... High Unreviewed

CVE-2024-11031 was published Mar 20, 2025

Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13... High Unreviewed

CVE-2025-2277 was published Mar 13, 2025

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... High Unreviewed

CVE-2025-24071 was published Mar 11, 2025

An exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0... High Unreviewed

CVE-2023-40723 was published Mar 11, 2025

Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows unauthenticated attackers... High Unreviewed

CVE-2025-26167 was published Mar 6, 2025

Information disclosure may occur due to improper permission and access controls to Video... High Unreviewed

CVE-2024-53011 was published Mar 3, 2025

An information disclosure vulnerability in the component /rest/cb/executeBasicSearch of Serosoft... High Unreviewed

CVE-2025-25951 was published Mar 3, 2025

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is... High Unreviewed

CVE-2024-13911 was published Mar 1, 2025

The Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss... High Unreviewed

CVE-2024-13611 was published Mar 1, 2025

The Fluent Support – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-13568 was published Mar 1, 2025

An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 & v11001... High Unreviewed

CVE-2025-25729 was published Feb 28, 2025

An issue in IKEA CN iOS 4.13.0 allows attackers to access sensitive user information via... High Unreviewed

CVE-2025-25333 was published Feb 27, 2025

An issue in QiboSoft QiboCMS X1.0 allows a remote attacker to obtain sensitive information via... High Unreviewed

CVE-2025-22973 was published Feb 21, 2025

The File Uploads Addon for WooCommerce plugin for WordPress is vulnerable to Sensitive... High Unreviewed

CVE-2024-13622 was published Feb 18, 2025

A critical information disclosure vulnerability exists in the web-based management interface of... High Unreviewed

CVE-2025-22961 was published Feb 14, 2025

Previous 1 2 3 4 5 … 58 59 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,475 advisories