Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,971 advisories

Loading
Janssen Config API returns results without scope verification High
CVE-2025-53003 was published for io.jans:jans-config-api-server (Maven) Jun 30, 2025
Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB... Moderate Unreviewed
CVE-2012-6441 was published May 17, 2022
Apache ZooKeeper vulnerable to information disclosure in persistent watchers handling Moderate
CVE-2024-23944 was published for org.apache.zookeeper:zookeeper (Maven) Mar 15, 2024
DNN.PLATFORM leaks NTLM hash via SMB Share Interaction with malicious user input High
CVE-2025-52488 was published for DNN.PLATFORM (NuGet) Jun 20, 2025
infosec-au
Credited to infosec-au
Improper access control in the Password History feature in Devolutions DVLS 2024.3.6 and earlier... Moderate Unreviewed
CVE-2024-10971 was published Nov 12, 2024
A vulnerability exists in the Web interface of the MicroSCADA X SYS600 product. The filtering... High Unreviewed
CVE-2025-39204 was published Jun 24, 2025
A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.2.0.3... High Unreviewed
CVE-2025-27827 was published Jun 26, 2025
An issue in NCR Terminal Handler 1.5.1 allows a low-level privileged authenticated attacker to... Moderate Unreviewed
CVE-2023-47298 was published Jun 23, 2025
An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and... Critical Unreviewed
CVE-2023-47029 was published Jun 23, 2025
Windows Kernel Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-34708. Moderate Unreviewed
CVE-2022-30197 was published Aug 10, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache HertzBeat. ... High Unreviewed
CVE-2024-45791 was published Nov 18, 2024
OPPO Clone Phone uses a weak password WiFi hotspot to transfer files, resulting in Information... High Unreviewed
CVE-2025-27387 was published Jun 23, 2025
The Versa Director SD-WAN orchestration platform provides direct web-based access to uCPE virtual... High Unreviewed
CVE-2025-23173 was published Jun 19, 2025
An issue in ZKTeco BioTime v.8.5.4 and before allows a remote attacker to obtain sensitive... High Unreviewed
CVE-2023-51142 was published Apr 11, 2024
An issue in Q co ltd mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43996 was published Jan 24, 2024
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as command line argument. In... High Unreviewed
CVE-2020-36771 was published Jan 22, 2024
Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this... Critical Unreviewed
CVE-2023-52101 was published Jan 16, 2024
An information disclosure vulnerability exists in Aquatronica Controller System firmware versions... Critical Unreviewed
CVE-2025-25037 was published Jun 20, 2025
An issue in the component /cgi-bin/GetJsonValue.cgi of Cellinx NVT Web Server 5.0.0.014 allows... Moderate Unreviewed
CVE-2024-24215 was published Feb 8, 2024
An issue in kosei entertainment esportsstudioLegends mini-app on Line v13.6.1 allows attackers to... Moderate Unreviewed
CVE-2023-48132 was published Jan 26, 2024
An issue in kimono-oldnew mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-48129 was published Jan 26, 2024
An issue in picot.golf mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43995 was published Jan 24, 2024
An issue in Yoruichi hobby base mini-app on Line v13.6.1 allows attackers to send crafted... Moderate Unreviewed
CVE-2023-43997 was published Jan 24, 2024
An issue in STOCKMAN GROUP mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43992 was published Jan 24, 2024
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The... Low Unreviewed
CVE-2024-20920 was published Jan 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database