GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
61 advisories
AWS CDK CLI prints AWS credentials retrieved by custom credential plugins (Moderate)
CVE-2025-2598 was published for aws-cdk (npm) on Mar 21, 2025

langchain-core allows unauthorized users to read arbitrary files from the host file system (Moderate)
CVE-2024-10940 was published for langchain-core (pip) on Mar 20, 2025

Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, contain(s) an Exposure of... (Moderate, Unreviewed)
CVE-2025-23382 was published on Mar 19, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Bowo... (Moderate, Unreviewed)
CVE-2025-26911 was published on Feb 25, 2025

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... (Moderate, Unreviewed)
CVE-2025-26758 was published on Feb 17, 2025

An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to... (Moderate, Unreviewed)
CVE-2025-1212 was published on Feb 12, 2025

IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0)... (Moderate, Unreviewed)
CVE-2024-37526 was published on Jan 28, 2025

IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version... (Moderate, Unreviewed)
CVE-2024-40706 was published on Jan 24, 2025

A valid set of credentials in a .js file and a static token for communication were obtained from... (Moderate, Unreviewed)
CVE-2024-53683 was published on Jan 17, 2025

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to... (Moderate, Unreviewed)
CVE-2024-11029 was published on Jan 15, 2025

SAP GUI for Java saves user input on the client PC to improve usability. An attacker with... (Moderate, Unreviewed)
CVE-2025-0056 was published on Jan 14, 2025

SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific... (Moderate, Unreviewed)
CVE-2025-0055 was published on Jan 14, 2025

Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input... (Moderate, Unreviewed)
CVE-2025-0059 was published on Jan 14, 2025

IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in... (Moderate, Unreviewed)
CVE-2024-45640 was published on Jan 7, 2025

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system... (Moderate, Unreviewed)
CVE-2024-52367 was published on Jan 7, 2025

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured... (Moderate, Unreviewed)
CVE-2024-12993 was published on Dec 30, 2024

Multiple SHARP routers contain an improper authentication vulnerability in the configuration... (Moderate, Unreviewed)
CVE-2024-52321 was published on Dec 23, 2024

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to... (Moderate, Unreviewed)
CVE-2024-32732 was published on Dec 10, 2024

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... (Moderate, Unreviewed)
CVE-2024-53814 was published on Dec 9, 2024

Synapse Matrix has a partial room state leak via Sliding Sync (Moderate)
CVE-2024-53867 was published for matrix-synapse (pip) on Dec 3, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker... (Moderate, Unreviewed)
CVE-2024-25035 was published on Dec 3, 2024

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE... (Moderate, Unreviewed)
CVE-2024-53768 was published on Nov 30, 2024

The uyuni-server-attestation systemd service needs a database_password environment variable. This... (Moderate, Unreviewed)
CVE-2024-22037 was published on Nov 28, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7... (Moderate, Unreviewed)
CVE-2024-10240 was published on Nov 26, 2024

A vulnerability exists in NSD570 that allows any authenticated user to access all device logs... (Moderate, Unreviewed)
CVE-2024-9929 was published on Nov 26, 2024