Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,970 advisories

Loading
In multiple locations, there is a possible way to leak hidden work profile notifications due to a... Moderate Unreviewed
CVE-2025-48527 was published Sep 4, 2025
An information disclosure vulnerability exists in the Vault API functionality of ClearML... High Unreviewed
CVE-2024-43779 was published Feb 6, 2025
An exposure of sensitive information vulnerability was identified in GitHub Enterprise Server... Moderate Unreviewed
CVE-2025-6600 was published Jul 1, 2025
Langchain Community Vulnerable to XML External Entity (XXE) Attacks High
CVE-2025-6984 was published for langchain-community (pip) Sep 4, 2025
Interface exposure vulnerability in the mobile application (com.transsion.carlcare) may lead to ... High Unreviewed
CVE-2025-3698 was published Apr 16, 2025
Logical vulnerability in the mobile application (com.transsion.carlcare) may lead to user... High Unreviewed
CVE-2024-7697 was published Aug 12, 2024
Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized... Moderate Unreviewed
CVE-2025-55242 was published Sep 5, 2025
Information disclosure High Unreviewed
CVE-2025-36895 was published Sep 4, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sitecore Sitecore... High Unreviewed
CVE-2025-53694 was published Sep 3, 2025
A vulnerability was detected in Das Parking Management System 停车场管理系统 6.2.0. This impacts an... Moderate Unreviewed
CVE-2025-9842 was published Sep 3, 2025
It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT... High Unreviewed
CVE-2017-2624 was published May 13, 2022
, aka 'Microsoft Dynamics Business Central/NAV Information Disclosure'. Moderate Unreviewed
CVE-2020-17133 was published May 24, 2022
, aka 'Windows SMB Information Disclosure Vulnerability'. Moderate Unreviewed
CVE-2020-17140 was published May 24, 2022
, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from... Moderate Unreviewed
CVE-2020-17138 was published May 24, 2022
, aka 'Microsoft Exchange Information Disclosure Vulnerability'. High Unreviewed
CVE-2020-17143 was published May 24, 2022
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is... Low Unreviewed
CVE-2025-51643 was published Aug 28, 2025
Valtimo scripting engine can be used to gain access to sensitive data or resources Critical
CVE-2025-58059 was published for com.ritense.valtimo:core (Maven) Aug 28, 2025
Contao can disclose sensitive information in the news module Moderate
CVE-2025-57757 was published for contao/contao (Composer) Aug 28, 2025
fritzmg
Credited to fritzmg
Contao discloses sensitive information in the front end search index Moderate
CVE-2025-57756 was published for contao/contao (Composer) Aug 28, 2025
fritzmg
Credited to fritzmg
The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2024-13807 was published Aug 28, 2025
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged... Moderate Unreviewed
CVE-2022-31674 was published Aug 11, 2022
Windows Defender Credential Guard Information Disclosure Vulnerability. This CVE ID is unique... Moderate Unreviewed
CVE-2022-34704 was published Aug 10, 2022
A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series... Moderate Unreviewed
CVE-2025-20290 was published Aug 27, 2025
Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to... Critical Unreviewed
CVE-2024-39335 was published Aug 26, 2025
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable... High Unreviewed
CVE-2025-29992 was published Aug 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database