Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

9,806 advisories

Loading
Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint.... High Unreviewed
CVE-2025-55976 was published Sep 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump... Moderate Unreviewed
CVE-2025-10222 was published Sep 10, 2025
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby... High Unreviewed
CVE-2025-36759 was published Sep 10, 2025
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Moderate Unreviewed
CVE-2025-55052 was published Sep 9, 2025
An issue in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) allows a remote attacker to obtain... High Unreviewed
CVE-2025-29089 was published Sep 9, 2025
Vite middleware may serve files starting with the same name with the public directory Low
CVE-2025-58751 was published for vite (npm) Sep 9, 2025
orihjfrog lukeed
Vite's `server.fs` settings were not applied to HTML files Low
CVE-2025-58752 was published for vite (npm) Sep 9, 2025
orihjfrog dominikg
Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an... High Unreviewed
CVE-2025-55243 was published Sep 9, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in... Moderate Unreviewed
CVE-2025-47997 was published Sep 9, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed
CVE-2025-53804 was published Sep 9, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... Moderate Unreviewed
CVE-2025-20270 was published Sep 9, 2025
TYPO3 CSV download feature information disclosure Moderate
CVE-2025-59019 was published for typo3/cms-backend (Composer) Sep 9, 2025
TYPO3 Workspaces Module Information Disclosure High
CVE-2025-59018 was published for typo3/cms-workspaces (Composer) Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40803 was published Sep 9, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC... Moderate Unreviewed
CVE-2025-40757 was published Sep 9, 2025
OPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other... Critical Unreviewed
CVE-2025-22956 was published Sep 8, 2025
A vulnerability was identified in D-Link DIR-852 up to 1.00CN B09. Affected by this vulnerability... Moderate Unreviewed
CVE-2025-10093 was published Sep 8, 2025
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is... Moderate Unreviewed
CVE-2025-7368 was published Sep 6, 2025
Atlantis Exposes Service Version Publicly on /status API Endpoint Low
CVE-2025-58445 was published for github.com/runatlantis/atlantis (Go) Sep 5, 2025
matthewmrichter
In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data... Moderate Unreviewed
CVE-2025-26453 was published Sep 5, 2025
Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized... Moderate Unreviewed
CVE-2025-55242 was published Sep 5, 2025
In multiple locations, there is a possible way to leak hidden work profile notifications due to a... Moderate Unreviewed
CVE-2025-48527 was published Sep 4, 2025
Argo CD's Project API Token Exposes Repository Credentials Critical
CVE-2025-55190 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 4, 2025
ntammineni5 34fathombelow
alexmt jannfis crenshaw-dev svghadi
Langchain Community Vulnerable to XML External Entity (XXE) Attacks High
CVE-2025-6984 was published for langchain-community (pip) Sep 4, 2025
Information disclosure High Unreviewed
CVE-2025-36895 was published Sep 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database