Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,904
Erlang
38
GitHub Actions
38
Go
2,566
Maven
5,000+
npm
4,237
NuGet
753
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,062 advisories

Loading
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized... Low Unreviewed
CVE-2025-59284 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an... Low Unreviewed
CVE-2025-59294 was published Oct 14, 2025
A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown... Low Unreviewed
CVE-2025-11647 was published Oct 13, 2025
A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Low Unreviewed
CVE-2025-11644 was published Oct 12, 2025
A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android.... Low Unreviewed
CVE-2025-11645 was published Oct 12, 2025
A security flaw has been discovered in Tomofun Furbo 360 and Furbo Mini. This affects an unknown... Low Unreviewed
CVE-2025-11634 was published Oct 12, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION This issue... Low Unreviewed
CVE-2025-52634 was published Oct 10, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in HCL AION.This issue... Low Unreviewed
CVE-2025-52630 was published Oct 10, 2025
When an error occurs in the application a full stacktrace is provided to the user. The stacktrace... Low Unreviewed
CVE-2025-58589 was published Oct 6, 2025
There is an an information disclosure vulnerability in ZTE T5400. Due to improper configuration... Low Unreviewed
CVE-2025-26710 was published Sep 16, 2025
Vite middleware may serve files starting with the same name with the public directory Low
CVE-2025-58751 was published for vite (npm) Sep 9, 2025
orihjfrog lukeed
Credited to orihjfrog and lukeed
Vite's `server.fs` settings were not applied to HTML files Low
CVE-2025-58752 was published for vite (npm) Sep 9, 2025
orihjfrog dominikg
Credited to orihjfrog and dominikg
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions). The... Low Unreviewed
CVE-2025-40803 was published Sep 9, 2025
Atlantis Exposes Service Version Publicly on /status API Endpoint Low
CVE-2025-58445 was published for github.com/runatlantis/atlantis (Go) Sep 5, 2025
matthewmrichter
Credited to matthewmrichter
Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbond 25Q64JVSIQ) that is... Low Unreviewed
CVE-2025-51643 was published Aug 28, 2025
A security flaw has been discovered in FNKvision Y215 CCTV Camera 10.194.120.40. This affects an... Low Unreviewed
CVE-2025-9381 was published Aug 24, 2025
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that... Low Unreviewed
CVE-2025-8448 was published Aug 20, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-27707 was published Aug 12, 2025
Dell SupportAssist OS Recovery, versions prior to 5.5.14.0, contains an Exposure of Sensitive... Low Unreviewed
CVE-2025-38746 was published Aug 6, 2025
A vulnerability was found in Intelbras InControl 2.21.60.9 and classified as problematic. This... Low Unreviewed
CVE-2025-8515 was published Aug 4, 2025
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get... Low Unreviewed
CVE-2025-23290 was published Aug 3, 2025
HCL Connections is vulnerable to an information disclosure vulnerability that could allow a user... Low Unreviewed
CVE-2024-42209 was published Jul 17, 2025
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform... Low Unreviewed
CVE-2025-20325 was published Jul 7, 2025
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is... Low Unreviewed
CVE-2025-6199 was published Jun 17, 2025
Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software... Low Unreviewed
CVE-2025-20030 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database