Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

9,056 advisories

Loading
A vulnerability classified as problematic was found in RT-Thread up to 5.1.0. Affected by this... Moderate Unreviewed
CVE-2025-1115 was published Feb 8, 2025
An issue in Brainasoft Braina v2.8 allows a remote attacker to obtain sensitive information via... High Unreviewed
CVE-2024-55272 was published Feb 8, 2025
SQL injection vulnerability in Beijing Guoju Information Technology Co., Ltd JeecgBoot v.3.7.2... High Unreviewed
CVE-2024-57606 was published Feb 8, 2025
Jenkins discloses project names via fingerprints High
CVE-2015-5317 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Connect-CMS information that is restricted to viewing is visible High
GHSA-2237-5r9w-vm8j was published for opensource-workshop/connect-cms (Composer) Feb 7, 2025
The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports... High Unreviewed
CVE-2018-5430 was published May 13, 2022
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact... High Unreviewed
CVE-2008-0655 was published May 1, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital... Moderate Unreviewed
CVE-2024-32100 was published May 14, 2024
An information disclosure vulnerability exists in the Vault API functionality of ClearML... High Unreviewed
CVE-2024-43779 was published Feb 6, 2025
front/icon.send.php in the CMDB plugin before 3.0.3 for GLPI allows attackers to gain read access... Moderate Unreviewed
CVE-2022-34125 was published Apr 16, 2023
Brocade SANnav before Brocade SANnav v2.3.1 lacks protection mechanisms on port 2377/TCP and 7946... High Unreviewed
CVE-2024-4159 was published Apr 25, 2024
A vulnerability in Brocade SANnav ova versions before Brocade SANnav v2.3.1 and v2.3.0a exposes... Critical Unreviewed
CVE-2024-4173 was published Apr 25, 2024
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed
CVE-2019-1653 was published May 13, 2022
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext Low
CVE-2025-23215 was published for net.sourceforge.pmd:pmd-core (Maven) Jan 31, 2025
hboutemy
Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-57955 was published Feb 6, 2025
Permission verification vulnerability in the media library module Impact: Successful exploitation... Moderate Unreviewed
CVE-2024-57954 was published Feb 6, 2025
A vulnerability in Simple Network Management Protocol (SNMP) polling for Cisco Secure Email and... Moderate Unreviewed
CVE-2025-20207 was published Feb 5, 2025
Grafana Alerting VictorOps integration could be exposed to users with Viewer permission Moderate
CVE-2024-11741 was published for github.com/grafana/grafana (Go) Jan 31, 2025
kube-audit-rest's example logging configuration could disclose secret values in the audit log Moderate
CVE-2025-24884 was published for github.com/RichardoC/kube-audit-rest (Go) Jan 29, 2025
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource Moderate
CVE-2025-24784 was published for github.com/kubewarden/kubewarden-controller (Go) Jan 30, 2025
flavio
Argo CD does not scrub secret values from patch errors Moderate
CVE-2025-23216 was published for github.com/argoproj/argo-cd (Go) Jan 30, 2025
svghadi
The WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto plugin for... Moderate Unreviewed
CVE-2024-13829 was published Feb 5, 2025
Browsershot Improper Input Validation vulnerability Moderate
CVE-2024-21549 was published for spatie/browsershot (Composer) Dec 20, 2024
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation... Low Unreviewed
CVE-2025-23073 was published Jan 14, 2025
The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in... High Unreviewed
CVE-2023-28770 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database