Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,975 advisories

Loading
Relatedcode's Messenger version 7bcd20b allows an authenticated external attacker to access... Moderate Unreviewed
CVE-2022-41707 was published Oct 19, 2022
Moodle vulnerable to Exposure of Sensitive Information to an Unauthorized Actor Moderate
CVE-2013-4522 was published for moodle/moodle (Composer) May 13, 2022
AnonySE26
Credited to AnonySE26
Path traversal vulnerability in the DFS module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2025-31174 was published Apr 7, 2025
Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This... High Unreviewed
CVE-2025-0472 was published Jan 16, 2025
A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an... Moderate Unreviewed
CVE-2025-20221 was published May 7, 2025
The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings... Moderate Unreviewed
CVE-2020-10195 was published May 24, 2022
The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is... Moderate Unreviewed
CVE-2025-3851 was published May 7, 2025
The issue was addressed with additional restrictions on the observability of app states. This... Low Unreviewed
CVE-2022-32913 was published Nov 2, 2022
This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7... Moderate Unreviewed
CVE-2022-32862 was published Nov 2, 2022
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX... Moderate Unreviewed
CVE-2025-47418 was published May 6, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Crestron Automate VX... Moderate Unreviewed
CVE-2025-47417 was published May 6, 2025
The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS... Moderate Unreviewed
CVE-2022-32858 was published Nov 2, 2022
This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An... Low Unreviewed
CVE-2022-32835 was published Nov 2, 2022
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an... Moderate Unreviewed
CVE-2022-23738 was published Nov 1, 2022
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2022-32877 was published Nov 2, 2022
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur... Moderate Unreviewed
CVE-2022-32875 was published Nov 2, 2022
Vulnerability of insufficient information protection in the media library module Impact:... Moderate Unreviewed
CVE-2024-58252 was published May 6, 2025
A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS... Low Unreviewed
CVE-2022-32870 was published Nov 2, 2022
Keystone has an unintended `isFilterable` bypass that can be used as an oracle to match hidden fields Low
CVE-2025-46720 was published for @keystone-6/core (npm) May 5, 2025
emmatown dcousens
Credited to emmatown and dcousens
A vulnerability, which was classified as problematic, was found in Shenzhen Sixun Software Sixun... Moderate Unreviewed
CVE-2025-4281 was published May 5, 2025
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet... Moderate Unreviewed
CVE-2021-0166 was published Feb 11, 2022
Exposure of Sensitive Information to an Unauthorized Actor in firmware for some Intel(R) PROSet... Moderate Unreviewed
CVE-2021-0170 was published Feb 11, 2022
"IBM Robotic Process Automation for Cloud Pak 21.0.1, 21.0.2, 21.0.3, 21.0.4, and 21.0.5 is... Low Unreviewed
CVE-2022-42442 was published Nov 4, 2022
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been declared as problematic.... Moderate Unreviewed
CVE-2025-4271 was published May 5, 2025
A vulnerability was found in TOTOLINK A720R 4.1.5cu.374. It has been classified as problematic.... Moderate Unreviewed
CVE-2025-4270 was published May 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database