Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,880
Maven
5,000+
npm
4,518
NuGet
784
pip
4,260
Pub
12
RubyGems
975
Rust
1,105
Swift
49
Unreviewed advisories
All unreviewed
5,000+

55 advisories

Loading
IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through... Moderate Unreviewed
CVE-2025-36058 was published Jan 20, 2026
Storybook manager bundle may expose environment variables during build High
CVE-2025-68429 was published for storybook (npm) Dec 18, 2025
matthew-gill
Credited to matthew-gill
Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/... High Unreviewed
CVE-2025-61138 was published Nov 21, 2025
TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory... High Unreviewed
CVE-2021-4471 was published Nov 15, 2025
Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration... High Unreviewed
CVE-2016-15056 was published Nov 15, 2025
The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2025-11891 was published Nov 11, 2025
Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive... Moderate Unreviewed
CVE-2025-46602 was published Oct 27, 2025
Jenkins Git client Plugin file system information disclosure vulnerability Moderate
CVE-2025-58458 was published for org.jenkins-ci.plugins:git-client (Maven) Sep 3, 2025
In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files Moderate Unreviewed
CVE-2025-57734 was published Aug 20, 2025
By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the... Moderate Unreviewed
CVE-2025-8452 was published Aug 12, 2025
An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS... Moderate Unreviewed
CVE-2024-51977 was published Jun 26, 2025
In devinfo, there is a possible information disclosure due to a missing SELinux policy. This... Moderate Unreviewed
CVE-2025-20665 was published May 5, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-31421 was published Apr 4, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-31558 was published Apr 3, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-31550 was published Apr 1, 2025
yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via... Moderate Unreviewed
CVE-2025-25586 was published Mar 18, 2025
Apache NiFi: Potential Insertion of MongoDB Password in Provenance Record Moderate
CVE-2025-27017 was published for org.apache.nifi:nifi-mongodb-services (Maven) Mar 12, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-22633 was published Feb 24, 2025
An information exposure through log file vulnerability exists in Brocade SANnav before Brocade... Moderate Unreviewed
CVE-2022-43933 was published Feb 4, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-24689 was published Jan 27, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-22773 was published Jan 15, 2025
During MegaBIP installation process, a user is encouraged to change a default path to... Moderate Unreviewed
CVE-2024-6880 was published Jan 10, 2025
An issue was discovered in GitLab CE/EE affecting all versions starting from 17.4 prior to 17.5.1... Moderate Unreviewed
CVE-2025-0194 was published Jan 8, 2025
Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed
CVE-2025-22306 was published Jan 7, 2025
An attacker authenticated as an administrator can use an exposed webservice to create a PDF with... Moderate Unreviewed
CVE-2024-47580 was published Dec 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database