Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

9,778 advisories

Loading
Directus tokens are not redacted in flow logs, exposing session credentials to all admin Moderate
CVE-2025-53886 was published for directus (npm) Jul 15, 2025
licitdev
Indico vulnerability allows attackers to bulk dump user details Moderate
CVE-2025-53640 was published for indico (pip) Jul 14, 2025
rafaelcorvino1 rildosouza
nmmorette
An information disclosure vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. High Unreviewed
CVE-2024-51769 was published Jul 14, 2025
A vulnerability classified as critical was found in LB-LINK BL-AC1900, BL-AC2100_AZ3, BL-AC3600,... Moderate Unreviewed
CVE-2025-7572 was published Jul 14, 2025
A vulnerability, which was classified as critical, has been found in LB-LINK BL-AC1900, BL... Moderate Unreviewed
CVE-2025-7573 was published Jul 14, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC3600 up to 1.0.22.... Moderate Unreviewed
CVE-2025-7565 was published Jul 14, 2025
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed
CVE-2020-36848 was published Jul 12, 2025
The WoodMart plugin for WordPress is vulnerable to Information Exposure in all versions up to,... Moderate Unreviewed
CVE-2025-6745 was published Jul 11, 2025
The WP Register Profile With Shortcode plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-4593 was published Jul 11, 2025
A path traversal vulnerability exists in Riverbed SteelHead VCX appliances (confirmed in VCX255U... High Unreviewed
CVE-2025-34098 was published Jul 10, 2025
docusaurus-plugin-content-gists vulnerability exposes GitHub Personal Access Token Critical
CVE-2025-53624 was published for docusaurus-plugin-content-gists (npm) Jul 9, 2025
webbertakken
Juju vulnerable to sensitive log retrieval via authenticated endpoint without authorization Moderate
CVE-2025-53512 was published for github.com/juju/juju (Go) Jul 9, 2025
wallyworld hpidcock
An unauthenticated information disclosure vulnerability exists in the WordPress Total Upkeep... Critical Unreviewed
CVE-2025-34084 was published Jul 9, 2025
Cloudflare Vite plugin exposes secrets over the built-in dev server Moderate
GHSA-4pfg-2mw5-f8jx was published for @cloudflare/vite-plugin (npm) Jul 8, 2025
Cherry
Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework... Moderate Unreviewed
CVE-2025-49664 was published Jul 8, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed
CVE-2025-48808 was published Jul 8, 2025
Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an... Moderate Unreviewed
CVE-2025-47980 was published Jul 8, 2025
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform... Low Unreviewed
CVE-2025-20325 was published Jul 7, 2025
The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information... Moderate Unreviewed
CVE-2024-11089 was published Jul 7, 2025
An information disclosure vulnerability exists in Ruijie NBR series routers (known to affect... High Unreviewed
CVE-2025-34057 was published Jul 2, 2025
The Contact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form &... Moderate Unreviewed
CVE-2024-13451 was published Jul 2, 2025
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... High Unreviewed
CVE-2025-49741 was published Jul 2, 2025
An exposure of sensitive information vulnerability was identified in GitHub Enterprise Server... Moderate Unreviewed
CVE-2025-6600 was published Jul 1, 2025
A cloud infrastructure misconfiguration in OneLogin AD Connector results in log data being sent... Critical Unreviewed
CVE-2025-34064 was published Jul 1, 2025
An unauthenticated information disclosure vulnerability exists in AVTECH IP cameras, DVRs, and... Moderate Unreviewed
CVE-2025-34052 was published Jul 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database