GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,638
Maven: 5,000+
npm: 4,265
NuGet: 760
pip: 4,060
Pub: 12
RubyGems: 956
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
9,972 advisories
The Trinity Audio – Text to Speech AI audio player to convert content into audio plugin for...
Moderate | Unreviewed | CVE-2025-9196 was published Oct 11, 2025

Permission verification bypass vulnerability in the Camera app. Successful exploitation of this...
Moderate | Unreviewed | CVE-2025-58277 was published Oct 11, 2025

Identity authentication bypass vulnerability in the Gallery app. Successful exploitation of this...
Moderate | Unreviewed | CVE-2025-58278 was published Oct 11, 2025

SaTECH BCU in its firmware version 2.1.3, allows an authenticated attacker to access information...
Moderate | Unreviewed | CVE-2025-2860 was published Mar 28, 2025

Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive...
Moderate | Unreviewed | CVE-2025-8887 was published Oct 10, 2025

Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an...
Moderate | Unreviewed | CVE-2025-8886 was published Oct 10, 2025

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue...
Low | Unreviewed | CVE-2025-52634 was published Oct 10, 2025

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue...
Low | Unreviewed | CVE-2025-52630 was published Oct 10, 2025

BBOT's git_clone.py can expose users' GitHub API keys to an attacker-controlled webserver
Moderate | CVE-2025-10281 was published for bbot (pip) Oct 9, 2025

Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to version 25.1.102 and...
Moderate | Unreviewed | CVE-2025-34220 was published Sep 29, 2025

A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function...
Moderate | Unreviewed | CVE-2025-11443 was published Oct 8, 2025

Successful exploitation of the vulnerability could allow an unauthenticated attacker to gain...
Moderate | Unreviewed | CVE-2025-48464 was published Oct 8, 2025

A security flaw has been discovered in kaifangqian kaifangqian-base up to...
Moderate | Unreviewed | CVE-2025-11406 was published Oct 7, 2025

The ChkCookie subroutine in an ActiveX control in broadweb/include/gChkCook.asp in Advantech...
Moderate | Unreviewed | CVE-2014-2367 was published May 17, 2022

upAdminPg.asp in Advantech WebAccess before 7.2 allows remote authenticated users to discover...
Moderate | Unreviewed | CVE-2014-2366 was published May 17, 2022

The BrowseFolder method in the bwocxrun ActiveX control in Advantech WebAccess before 7.2 allows...
Moderate | Unreviewed | CVE-2014-2368 was published May 17, 2022

When an error occurs in the application a full stacktrace is provided to the user. The...
Moderate | Unreviewed | CVE-2025-58581 was published Oct 6, 2025

When an error occurs in the application a full stacktrace is provided to the user. The stacktrace...
Low | Unreviewed | CVE-2025-58589 was published Oct 6, 2025

Innominate mGuard before 7.6.4 and 8.x before 8.0.3 does not require authentication for snapshot...
Moderate | Unreviewed | CVE-2014-2356 was published May 17, 2022

An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability...
Moderate | Unreviewed | CVE-2025-60449 was published Oct 3, 2025

A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this...
Moderate | Unreviewed | CVE-2025-11079 was published Sep 27, 2025

The RestroPress – Online Food Ordering System plugin for WordPress is vulnerable to...
Critical | Unreviewed | CVE-2025-9209 was published Oct 3, 2025

Amtelco miSecureMessages (aka MSM) 6.2 does not properly manage sessions, which allows remote...
Low | Unreviewed | CVE-2014-2347 was published May 17, 2022

The Flock Safety Peripheral com.flocksafety.android.peripheral application 7.38.3 for Android ...
High | Unreviewed | CVE-2025-59405 was published Oct 2, 2025

YOSHOP 2.0 allows unauthenticated information disclosure via comment-list API endpoints in the...
High | Unreviewed | CVE-2025-56161 was published Oct 2, 2025

ProTip! Advisories are also available from the GraphQL API