Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,891
Erlang
37
GitHub Actions
38
Go
2,550
Maven
5,000+
npm
4,221
NuGet
745
pip
3,998
Pub
12
RubyGems
953
Rust
1,039
Swift
45
Unreviewed advisories
All unreviewed
5,000+

296 advisories

Loading
Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what... Critical Unreviewed
CVE-2024-4995 was published Dec 18, 2024
Insecure Storage of Sensitive Information in Secure Folder prior to Android 16 allows local... Moderate Unreviewed
CVE-2025-21041 was published Sep 19, 2025
Some "Stored Value" Unattended Payment Solutions of KioSoft use vulnerable NFC cards. Attackers... Critical Unreviewed
CVE-2025-8699 was published Sep 12, 2025
The issue was addressed with improved handling of caches. This issue is fixed in iOS 18.7 and... Moderate Unreviewed
CVE-2025-43203 was published Sep 16, 2025
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT (Quantenna SoC... Moderate Unreviewed
CVE-2025-54083 was published Sep 9, 2025
Spoofing attack in swagger-ui Moderate
CVE-2018-25031 was published for org.webjars:swagger-ui (Maven) Mar 12, 2022
AndrzejBiernacki2010
Credited to AndrzejBiernacki2010
Multiple products provided by iND Co.,Ltd contain an insecure storage of sensitive information... High Unreviewed
CVE-2025-53507 was published Aug 29, 2025
An issue was discovered in 4C Strategies Exonaut 21.6. Passwords, stored in the database, are... Moderate Unreviewed
CVE-2025-46660 was published Aug 6, 2025
A vulnerability was discovered in the storage policy for certain sets of sensitive credential... Moderate Unreviewed
CVE-2025-37110 was published Jul 31, 2025
An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain... Moderate Unreviewed
CVE-2025-28171 was published Jul 29, 2025
Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows... Moderate Unreviewed
CVE-2025-21003 was published Jul 8, 2025
Insecure Permissions vulnerability in the Local Storage in Alteryx Server 2023.1.1.460 allows... High Unreviewed
CVE-2025-28244 was published Jul 10, 2025
The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms... Moderate Unreviewed
CVE-2025-42979 was published Jul 8, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Low Unreviewed
CVE-2024-21211 was published Oct 15, 2024
Users’ product account authentication data was stored in clear text in The Genie Company Aladdin... Moderate Unreviewed
CVE-2023-5879 was published Jan 3, 2024
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-3678 was published Apr 26, 2024
`bhyveload -h <host-path>` may be used to grant loader access to the <host-path> directory tree... Moderate Unreviewed
CVE-2024-25940 was published Feb 15, 2024
MantisBT Insecure Storage in manage_proj_edit_page.php Moderate
CVE-2020-29603 was published for mantisbt/mantisbt (Composer) May 24, 2022
Missing permission checks on Hazelcast client protocol High
CVE-2023-45859 was published for com.hazelcast:hazelcast (Maven) Feb 27, 2024
jorditpuig
Credited to jorditpuig
The TeleMessage service through 2025-05-05 implements authentication through a long-lived... Moderate Unreviewed
CVE-2025-48929 was published May 28, 2025
Serialized configuration information may be disclosed during device commissioning while using... Moderate Unreviewed
CVE-2024-13954 was published May 22, 2025
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in... Low Unreviewed
CVE-2024-23217 was published Jan 23, 2024
Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4... Moderate Unreviewed
CVE-2022-28170 was published Oct 26, 2022
This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS... Low Unreviewed
CVE-2022-32867 was published Nov 2, 2022
Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the... High Unreviewed
CVE-2025-45242 was published May 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database