Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,053
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,963 advisories

Loading
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8676 was published Aug 15, 2025
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the... Moderate Unreviewed
CVE-2025-9005 was published Aug 15, 2025
The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its... Moderate Unreviewed
CVE-2025-50862 was published Aug 14, 2025
Information Disclosure in Amazon ECS Container Agent Moderate
CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025
A security issue in the runtime event system allows unauthenticated connections to receive a... High Unreviewed
CVE-2025-9036 was published Aug 14, 2025
In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid... Critical Unreviewed
CVE-2025-27845 was published Aug 14, 2025
Apache Superset data query improperly discloses database schema information to low-privileged guest user Moderate
CVE-2025-55673 was published for apache-superset (pip) Aug 14, 2025
KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an unauthenticated API endpoint (ajax_get.cgi),... High Unreviewed
CVE-2025-43988 was published Aug 13, 2025
An issue was discovered on KuWFi GC111 GC111-GL-LM321_V3.0_20191211 devices. The TELNET service... Critical Unreviewed
CVE-2025-43986 was published Aug 13, 2025
Exposure of sensitive information to an unauthorized actor in Azure Virtual Machines allows an... High Unreviewed
CVE-2025-53781 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises... Moderate Unreviewed
CVE-2025-53728 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an... Moderate Unreviewed
CVE-2025-53136 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Storage Port Driver allows an... Moderate Unreviewed
CVE-2025-53156 was published Aug 12, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed
CVE-2025-53134 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... High Unreviewed
CVE-2025-50154 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Exchange Server allows an... High Unreviewed
CVE-2025-33051 was published Aug 12, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-27707 was published Aug 12, 2025
Log files uploaded during troubleshooting by the Harmony SASE agent may have been accessible to... High Unreviewed
CVE-2025-3831 was published Aug 12, 2025
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... High Unreviewed
CVE-2025-40768 was published Aug 12, 2025
The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure... Moderate Unreviewed
CVE-2025-4390 was published Aug 12, 2025
YugabyteDB Anywhere web server does not properly enforce authentication for the /metamaster... Moderate Unreviewed
CVE-2025-8866 was published Aug 11, 2025
A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part... Moderate Unreviewed
CVE-2025-8852 was published Aug 11, 2025
A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as... Moderate Unreviewed
CVE-2025-8738 was published Aug 8, 2025
The AuthKit Remix Library renders sensitive auth data in HTML High
CVE-2025-55009 was published for @workos-inc/authkit-remix (npm) Aug 8, 2025
cai0duque
Credited to cai0duque
The AuthKit React Router Library rendered sensitive auth data in HTML High
CVE-2025-55008 was published for @workos-inc/authkit-react-router (npm) Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database