Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,791
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,995
NuGet
720
pip
3,789
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,829 advisories

Loading
A vulnerability was found in rowboatlabs rowboat up to 8096eaf63b5a0732edd8f812bee05b78e214ee97.... Moderate Unreviewed
CVE-2025-7115 was published Jul 7, 2025
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It... Moderate Unreviewed
CVE-2025-7114 was published Jul 7, 2025
Vulnerability of bypassing the process to start SA and use related functions on distributed... High Unreviewed
CVE-2025-53169 was published Jul 7, 2025
A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4... Moderate Unreviewed
CVE-2025-7095 was published Jul 7, 2025
Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension... High Unreviewed
CVE-2025-6926 was published Jul 3, 2025
A cookie encryption bypass vulnerability exists in Google Chrome’s AppBound mechanism due to weak... Critical Unreviewed
CVE-2025-34092 was published Jul 2, 2025
Insufficient validation of the screen lock mechanism in Trust Wallet v8.45 allows physically... Moderate Unreviewed
CVE-2025-52294 was published Jul 1, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015... High Unreviewed
CVE-2025-6916 was published Jun 30, 2025
A misconfigured query in UniFi Network (v9.1.120 and earlier) could allow users to authenticate... Moderate Unreviewed
CVE-2025-24292 was published Jun 29, 2025
A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511,... High Unreviewed
CVE-2025-6763 was published Jun 27, 2025
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2... Critical Unreviewed
CVE-2025-32975 was published Jun 26, 2025
A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus... Moderate Unreviewed
CVE-2025-6533 was published Jun 26, 2025
A vulnerability has been found in 70mai M300 up to 20250611 and classified as problematic.... Moderate Unreviewed
CVE-2025-6528 was published Jun 26, 2025
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a... High Unreviewed
CVE-2024-6174 was published Jun 26, 2025
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper... High Unreviewed
CVE-2025-49851 was published Jun 24, 2025
A vulnerability classified as problematic has been found in 70mai 1S up to 20250611. This affects... Low Unreviewed
CVE-2025-6524 was published Jun 23, 2025
An unauthorized access vulnerability exists in the Xiaomi Mi Connect Service APP. The... Critical Unreviewed
CVE-2024-45347 was published Jun 23, 2025
An issue was discovered in the COROS application through 3.8.12 for Android. Bluetooth pairing... Critical Unreviewed
CVE-2025-32875 was published Jun 20, 2025
Permission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk... Critical Unreviewed
CVE-2025-6172 was published Jun 16, 2025
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to... Moderate Unreviewed
CVE-2025-6083 was published Jun 13, 2025
Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion... Low Unreviewed
CVE-2024-38822 was published Jun 13, 2025
Salt has minion event bus authorization bypass vulnerability High
CVE-2025-22236 was published for salt (pip) Jun 13, 2025
Salt's salt.auth.pki module does not properly authenticate callers Moderate
CVE-2024-38825 was published for salt (pip) Jun 13, 2025
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration High
CVE-2025-49146 was published for org.postgresql:postgresql (Maven) Jun 11, 2025
jawj
A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as... Moderate Unreviewed
CVE-2025-5985 was published Jun 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database