Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

9,778 advisories

Loading
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is... Low Unreviewed
CVE-2025-51643 was published Aug 28, 2025
Valtimo scripting engine can be used to gain access to sensitive data or resources Critical
CVE-2025-58059 was published for com.ritense.valtimo:core (Maven) Aug 28, 2025
Contao can disclose sensitive information in the news module Moderate
CVE-2025-57757 was published for contao/contao (Composer) Aug 28, 2025
fritzmg
Contao discloses sensitive information in the front end search index Moderate
CVE-2025-57756 was published for contao/contao (Composer) Aug 28, 2025
fritzmg
The Xagio SEO plugin for WordPress is vulnerable to Sensitive Information Exposure in all... High Unreviewed
CVE-2024-13807 was published Aug 28, 2025
SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information... High Unreviewed
CVE-2023-7308 was published Aug 28, 2025
A vulnerability in the logging feature of Cisco NX-OS Software for Cisco Nexus 3000 Series... Moderate Unreviewed
CVE-2025-20290 was published Aug 27, 2025
Mahara before 24.04.9 exposes database connection information if the database becomes unreachable... High Unreviewed
CVE-2025-29992 was published Aug 26, 2025
Supported versions of Mahara 24.04 before 24.04.1 and 23.04 before 23.04.6 are vulnerable to... Critical Unreviewed
CVE-2024-39335 was published Aug 26, 2025
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown... Moderate Unreviewed
CVE-2025-9461 was published Aug 26, 2025
Mahara before 22.10.4 and 23.x before 23.04.4 allows information disclosure if the experimental... High Unreviewed
CVE-2023-47799 was published Aug 25, 2025
Information disclosure and exposure of authentication FTP credentials over the debug port 1604 in... Critical Unreviewed
CVE-2025-7426 was published Aug 25, 2025
A security vulnerability has been detected in YiFang CMS up to 2.0.5. Affected by this... Moderate Unreviewed
CVE-2025-9398 was published Aug 25, 2025
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
@musistudio/claude-code-router has improper CORS configuration High
CVE-2025-57755 was published for @musistudio/claude-code-router (npm) Aug 21, 2025
ttttmr
A security flaw has been discovered in elunez eladmin up to 2.7. Affected by this issue is some... Moderate Unreviewed
CVE-2025-9240 was published Aug 20, 2025
A vulnerability in the debug logging function of Cisco Duo Authentication Proxy could allow an... Moderate Unreviewed
CVE-2025-20345 was published Aug 20, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
A vulnerability was determined in Scada-LTS 2.7.8.1. Affected by this vulnerability is an unknown... Moderate Unreviewed
CVE-2025-9139 was published Aug 19, 2025
Multiple FunnelKit plugins are vulnerable to Sensitive Information Exposure via the wf_get_cookie... High Unreviewed
CVE-2025-7654 was published Aug 19, 2025
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-12575 was published Aug 16, 2025
This issue was addressed with improved checks. This issue is fixed in Apple Music Classical 2.3... Moderate Unreviewed
CVE-2025-43201 was published Aug 16, 2025
There is an unauthorized access vulnerability in ZTE F50. Due to improper permission control of... Moderate Unreviewed
CVE-2025-26709 was published Aug 15, 2025
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less... Moderate Unreviewed
CVE-2025-8091 was published Aug 15, 2025
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8676 was published Aug 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database