GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
9,806 advisories
Filter by severity
Intelbras IWR 3000N 1.9.8 exposes the Wi-Fi password in plaintext via the /api/wireless endpoint....
High
Unreviewed
CVE-2025-55976
was published
Sep 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) in the diagnostic dump...
Moderate
Unreviewed
CVE-2025-10222
was published
Sep 10, 2025
Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby...
High
Unreviewed
CVE-2025-36759
was published
Sep 10, 2025
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
Moderate
Unreviewed
CVE-2025-55052
was published
Sep 9, 2025
An issue in TP-Link AX10 Ax1500 v.1.3.10 Build (20230130) allows a remote attacker to obtain...
High
Unreviewed
CVE-2025-29089
was published
Sep 9, 2025
Vite middleware may serve files starting with the same name with the public directory
Low
CVE-2025-58751
was published
for
vite
(npm)
Sep 9, 2025
Vite's `server.fs` settings were not applied to HTML files
Low
CVE-2025-58752
was published
for
vite
(npm)
Sep 9, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Office Plus allows an...
High
Unreviewed
CVE-2025-55243
was published
Sep 9, 2025
Concurrent execution using shared resource with improper synchronization ('race condition') in...
Moderate
Unreviewed
CVE-2025-47997
was published
Sep 9, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized...
Moderate
Unreviewed
CVE-2025-53804
was published
Sep 9, 2025
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network...
Moderate
Unreviewed
CVE-2025-20270
was published
Sep 9, 2025
TYPO3 CSV download feature information disclosure
Moderate
CVE-2025-59019
was published
for
typo3/cms-backend
(Composer)
Sep 9, 2025
TYPO3 Workspaces Module Information Disclosure
High
CVE-2025-59018
was published
for
typo3/cms-workspaces
(Composer)
Sep 9, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The...
Low
Unreviewed
CVE-2025-40803
was published
Sep 9, 2025
A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC...
Moderate
Unreviewed
CVE-2025-40757
was published
Sep 9, 2025
OPSI before 4.3 allows any client to retrieve any ProductPropertyState, including those of other...
Critical
Unreviewed
CVE-2025-22956
was published
Sep 8, 2025
A vulnerability was identified in D-Link DIR-852 up to 1.00CN B09. Affected by this vulnerability...
Moderate
Unreviewed
CVE-2025-10093
was published
Sep 8, 2025
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is...
Moderate
Unreviewed
CVE-2025-7368
was published
Sep 6, 2025
Atlantis Exposes Service Version Publicly on /status API Endpoint
Low
CVE-2025-58445
was published
for
github.com/runatlantis/atlantis
(Go)
Sep 5, 2025
In isContentUriForOtherUser of BluetoothOppSendFileInfo.java, there is a possible cross user data...
Moderate
Unreviewed
CVE-2025-26453
was published
Sep 5, 2025
Exposure of sensitive information to an unauthorized actor in Xbox allows an unauthorized...
Moderate
Unreviewed
CVE-2025-55242
was published
Sep 5, 2025
In multiple locations, there is a possible way to leak hidden work profile notifications due to a...
Moderate
Unreviewed
CVE-2025-48527
was published
Sep 4, 2025
Argo CD's Project API Token Exposes Repository Credentials
Critical
CVE-2025-55190
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Sep 4, 2025
Langchain Community Vulnerable to XML External Entity (XXE) Attacks
High
CVE-2025-6984
was published
for
langchain-community
(pip)
Sep 4, 2025
ProTip!
Advisories are also available from the
GraphQL API