Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,970 advisories

Loading
Opencast still publishes global system account credentials Moderate
CVE-2025-54380 was published for org.opencastproject:opencast-common (Maven) Jul 25, 2025
lkiesow
Credited to lkiesow
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown... Moderate Unreviewed
CVE-2025-9461 was published Aug 26, 2025
Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental... High Unreviewed
CVE-2023-47799 was published Aug 25, 2025
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in... Critical Unreviewed
CVE-2025-7426 was published Aug 25, 2025
A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this... Moderate Unreviewed
CVE-2025-9398 was published Aug 25, 2025
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2025-9139 was published Aug 19, 2025
Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs Moderate
CVE-2025-50738 was published for github.com/usememos/memos (Go) Jul 29, 2025
An information disclosure vulnerability leading to a potential local escalation of privilege in... High Unreviewed
CVE-2019-8998 was published May 24, 2022
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure... High Unreviewed
CVE-2017-3892 was published May 17, 2022
An unauthenticated remote attacker can access information about running processes via the SNMP... High Unreviewed
CVE-2025-41654 was published May 26, 2025
An unauthenticated remote attacker can read out sensitive device information through a... High Unreviewed
CVE-2024-6421 was published Jul 10, 2024
@musistudio/claude-code-router has improper CORS configuration High
CVE-2025-57755 was published for @musistudio/claude-code-router (npm) Aug 21, 2025
ttttmr
Credited to ttttmr
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some... Moderate Unreviewed
CVE-2025-9240 was published Aug 20, 2025
A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed
CVE-2025-20345 was published Aug 20, 2025
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie... High Unreviewed
CVE-2025-7654 was published Aug 19, 2025
The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 has allowBackup=true set in its... Moderate Unreviewed
CVE-2025-50862 was published Aug 14, 2025
This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3... Moderate Unreviewed
CVE-2025-43201 was published Aug 16, 2025
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12575 was published Aug 16, 2025
In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ with any invalid... Critical Unreviewed
CVE-2025-27845 was published Aug 14, 2025
There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of... Moderate Unreviewed
CVE-2025-26709 was published Aug 15, 2025
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less... Moderate Unreviewed
CVE-2025-8091 was published Aug 15, 2025
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8676 was published Aug 15, 2025
A vulnerability was determined in mtons mblog up to 3.5.0. Affected is an unknown function of the... Moderate Unreviewed
CVE-2025-9005 was published Aug 15, 2025
Information Disclosure in Amazon ECS Container Agent Moderate
CVE-2025-9039 was published for github.com/aws/amazon-ecs-agent (Go) Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database