Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

450 advisories

Loading
A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that... High Unreviewed
CVE-2017-6873 was published May 13, 2022
The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior... High Unreviewed
CVE-2021-25094 was published Apr 26, 2022
An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4... High Unreviewed
CVE-2022-45498 was published Dec 8, 2022
An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0... High Unreviewed
CVE-2022-45504 was published Dec 8, 2022
Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller... High Unreviewed
CVE-2024-32752 was published Jun 6, 2024
The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication... High Unreviewed
CVE-2022-24190 was published Nov 29, 2022
An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229... High Unreviewed
CVE-2022-44784 was published Nov 22, 2022
BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without... High Unreviewed
CVE-2022-42982 was published Nov 17, 2022
A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could... High Unreviewed
CVE-2025-20210 was published May 7, 2025
Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is... High Unreviewed
CVE-2025-3759 was published May 8, 2025
WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to... High Unreviewed
CVE-2025-3758 was published May 8, 2025
Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system... High Unreviewed
CVE-2020-23648 was published Oct 19, 2022
A vulnerability has been identified in Desigo CC (All versions if access from Installed Clients... High Unreviewed
CVE-2024-23815 was published May 13, 2025
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing... High Unreviewed
CVE-2025-48391 was published May 20, 2025
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... High Unreviewed
CVE-2024-7628 was published Aug 15, 2024
An unauthenticated remote attacker can access a URL which causes the device to reboot. High Unreviewed
CVE-2025-41655 was published May 26, 2025
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses... High Unreviewed
CVE-2022-34908 was published Feb 27, 2023
CyberData  011209 Intercom exposes features that could allow an unauthenticated to gain ... High Unreviewed
CVE-2025-26468 was published Jun 10, 2025
The Archify application contains a local privilege escalation vulnerability due to insufficient... High Unreviewed
CVE-2024-9062 was published Jun 11, 2025
A web application for configuring the controller is accessible at a specific path. It contains an... High Unreviewed
CVE-2025-25265 was published Jun 16, 2025
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due... High Unreviewed
CVE-2025-3319 was published Jun 20, 2025
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device... High Unreviewed
CVE-2025-3090 was published Jun 26, 2025
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2... High Unreviewed
CVE-2025-32978 was published Jun 26, 2025
Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure... High Unreviewed
CVE-2025-6678 was published Jun 26, 2025
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a... High Unreviewed
CVE-2024-8419 was published Jun 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database