Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

6,768 advisories

Loading
Canonical LXD Project Existence Determination Through Error Handling in Image Export Function Moderate
CVE-2025-54290 was published for github.com/canonical/lxd (Go) Oct 2, 2025
Exposure of sensitive information in Viday. This vulnerability could allow an attacker to obtain... Moderate Unreviewed
CVE-2025-40646 was published Oct 2, 2025
The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-10744 was published Oct 1, 2025
FormCMS has an improper access control vulnerability in the /api/schemas/history/[schemaId] endpoint Moderate
CVE-2025-55797 was published for FormCMS (NuGet) Sep 30, 2025
Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and... Moderate Unreviewed
CVE-2025-34220 was published Sep 29, 2025
A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-11079 was published Sep 27, 2025
An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active... Moderate Unreviewed
CVE-2025-45994 was published Sep 26, 2025
Mercusys MW305R 3.30 and below is has a Transport Layer Security (TLS) certificate private key... Moderate Unreviewed
CVE-2025-56463 was published Sep 26, 2025
A security flaw has been discovered in givanz Vvveb up to 1.0.7.2. This affects an unknown part... Moderate Unreviewed
CVE-2025-11028 was published Sep 26, 2025
OpenMLS improper persistence of the secret tree during message processing Moderate
GHSA-qr9h-x63w-vqfm was published for openmls (Rust) Sep 26, 2025
erdoganege fatihergin
Credited to erdoganege and fatihergin
A vulnerability was determined in givanz Vvveb up to 1.0.7.2. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-11026 was published Sep 26, 2025
Rancher sends sensitive information to external services through the `/meta/proxy` endpoint Moderate
CVE-2025-54468 was published for github.com/rancher/rancher (Go) Sep 26, 2025
ml-logger file handler allows reading arbitrary files Moderate
CVE-2025-10952 was published for ml-logger (pip) Sep 25, 2025
Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive... Moderate Unreviewed
CVE-2025-36601 was published Sep 25, 2025
The 2wcom IP-4c 2.15.5 device's web interface includes an information disclosure vulnerability.... Moderate Unreviewed
CVE-2025-57433 was published Sep 22, 2025
Ericsson Catalog Manager and Ericsson Order Care APIs do not have authentication enabled by... Moderate Unreviewed
CVE-2024-25011 was published Sep 18, 2025
A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Impacted is an... Moderate Unreviewed
CVE-2025-10607 was published Sep 17, 2025
There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of... Moderate Unreviewed
CVE-2025-26711 was published Sep 16, 2025
The The Events Calendar plugin for WordPress is vulnerable to Information Exposure in all... Moderate Unreviewed
CVE-2025-9808 was published Sep 16, 2025
The issue was addressed with improved handling of caches. This issue is fixed in tvOS 26, Safari... Moderate Unreviewed
CVE-2025-43356 was published Sep 16, 2025
A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8,... Moderate Unreviewed
CVE-2025-43367 was published Sep 16, 2025
A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is an unknown function of the file ... Moderate Unreviewed
CVE-2025-10321 was published Sep 12, 2025
An issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 allowing attackers to gain... Moderate Unreviewed
CVE-2025-56467 was published Sep 12, 2025
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump... Moderate Unreviewed
CVE-2025-10222 was published Sep 10, 2025
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2025-55052 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database