GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,935
Composer 5,069
Erlang 39
GitHub Actions 38
Go 2,726
Maven 6,143
npm 4,331
NuGet 763
pip 4,107
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

68 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The SureForms plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-12536 was published Nov 13, 2025

IBM Db2 11.1.0 through 11.1.4.7, 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX... Moderate Unreviewed

CVE-2025-36131 was published Nov 7, 2025

HCL BigFix Query is affected by a sensitive information disclosure in the WebUI Query application... Moderate Unreviewed

CVE-2025-52602 was published Nov 5, 2025

Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre... Moderate Unreviewed

CVE-2025-35981 was published Oct 23, 2025

The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global... Moderate Unreviewed

CVE-2025-62644 was published Oct 17, 2025

An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in... Moderate Unreviewed

CVE-2025-53950 was published Oct 16, 2025

Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing... Moderate Unreviewed

CVE-2025-10859 was published Sep 30, 2025

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2025-43310 was published Sep 16, 2025

A privacy issue was addressed with improved private data redaction for log entries. This issue is... Moderate Unreviewed

CVE-2025-43279 was published Sep 16, 2025

Presta Shop vulnerable to email enumeration Moderate

CVE-2025-51586 was published for prestashop/prestashop (Composer) Sep 4, 2025

A low-privileged remote attacker can obtain the username of another registered Sunny Portal user... Moderate Unreviewed

CVE-2025-41685 was published Aug 19, 2025

Exposure of private personal information to an unauthorized actor in Azure Stack allows an... Moderate Unreviewed

CVE-2025-53765 was published Aug 12, 2025

This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed

CVE-2025-43259 was published Jul 30, 2025

The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18... Moderate Unreviewed

CVE-2025-43217 was published Jul 30, 2025

This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and... Moderate Unreviewed

CVE-2025-31276 was published Jul 30, 2025

A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2... Moderate Unreviewed

CVE-2025-6017 was published Jul 2, 2025

Sensitive device logger information in ASPECT may be exposed if administrator credentials become... Moderate Unreviewed

CVE-2024-13953 was published May 22, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 17.1 before 17.10.7, 17... Moderate Unreviewed

CVE-2025-0679 was published May 22, 2025

Insufficient default configuration in HCL Leap allows anonymous access to directory information. Moderate Unreviewed

CVE-2023-45721 was published May 1, 2025

Insufficient default configuration in HCL Leap allows anonymous access to directory information. Moderate Unreviewed

CVE-2023-45720 was published Apr 24, 2025

By first using the AI chatbot in one tab and later activating it in another tab, the document... Moderate Unreviewed

CVE-2025-3035 was published Apr 1, 2025

A vulnerability in Intrexx Portal Server 12.0.2 and earlier which was classified as problematic... Moderate Unreviewed

CVE-2025-26816 was published Mar 19, 2025

A vulnerability in the AOS-CX REST interface could allow an authenticated remote attacker with... Moderate Unreviewed

CVE-2025-25042 was published Mar 18, 2025

Vulnerabilities in the command line interface of AOS-CX could allow an authenticated remote... Moderate Unreviewed

CVE-2025-27080 was published Mar 18, 2025

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed

CVE-2024-13228 was published Mar 11, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

68 advisories