Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,964 advisories

Loading
This issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS... Moderate Unreviewed
CVE-2025-43246 was published Jul 30, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6.... Moderate Unreviewed
CVE-2025-43215 was published Jul 30, 2025
This issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6... Critical Unreviewed
CVE-2025-43189 was published Jul 30, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-31279 was published Jul 30, 2025
Umbraco Delivery API allows for cached requests to be returned with an invalid API key Moderate
CVE-2025-54425 was published for Umbraco.Cms.Api.Delivery (NuGet) Jul 29, 2025
Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs Moderate
CVE-2025-50738 was published for github.com/usememos/memos (Go) Jul 29, 2025
A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been classified as... Moderate Unreviewed
CVE-2025-8226 was published Jul 27, 2025
Opencast still publishes global system account credentials Moderate
CVE-2025-54380 was published for org.opencastproject:opencast-common (Maven) Jul 25, 2025
lkiesow
Credited to lkiesow
Certain HP DesignJet products may be vulnerable to information disclosure though printer's web... Moderate Unreviewed
CVE-2025-3508 was published Jul 25, 2025
An information disclosure vulnerability exits in Sitecore JSS React Sample Application 11.0.0 -... High Unreviewed
CVE-2020-36850 was published Jul 25, 2025
The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-7780 was published Jul 25, 2025
HCL iAutomate is affected by a sensitive data exposure vulnerability. This issue may allow... High Unreviewed
CVE-2025-31955 was published Jul 24, 2025
Possible ORM Leak Vulnerability in the Harbor Moderate
CVE-2025-30086 was published for github.com/goharbor/harbor (Go) Jul 23, 2025
In some cases search terms persisted in the URL bar even after navigating away from the search... High Unreviewed
CVE-2025-8039 was published Jul 22, 2025
The Birth Chart Compatibility plugin for WordPress is vulnerable to Full Path Disclosure in all... Moderate Unreviewed
CVE-2025-6082 was published Jul 22, 2025
An issue in hMailServer v.5.8.6 allows a local attacker to obtain sensitive information via the... Moderate Unreviewed
CVE-2025-52372 was published Jul 21, 2025
WinMatrix3 Web package developed by Simopro Technology has a SQL Injection vulnerability,... High Unreviewed
CVE-2025-7919 was published Jul 21, 2025
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2025-46382 was published Jul 20, 2025
A vulnerability was found in Metasoft 美特软件 MetaCRM up to 6.4.2. It has been rated as problematic.... Moderate Unreviewed
CVE-2025-7874 was published Jul 20, 2025
In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as... High Unreviewed
CVE-2025-7394 was published Jul 19, 2025
An issue in Perplexity AI GPT-4 v.2.51.0 allows a remote attacker to obtain sensitive information... High Unreviewed
CVE-2025-50708 was published Jul 18, 2025
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user... Low Unreviewed
CVE-2024-42209 was published Jul 17, 2025
Grafana's insecure DingDing Alert integration exposes sensitive information Moderate
CVE-2025-3415 was published for github.com/grafana/grafana (Go) Jul 17, 2025
An unauthenticated arbitrary file read exists in LILIN Digital Video Recorder (DVR) devices prior... High Unreviewed
CVE-2025-34130 was published Jul 17, 2025
Reactor Netty HTTP is vulnerable to credential leaks during chained redirects Moderate
CVE-2025-22227 was published for io.projectreactor.netty:reactor-netty-http (Maven) Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database