GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,252
Composer 5,237
Erlang 40
GitHub Actions 41
Go 3,005
Maven 6,264
npm 4,733
NuGet 788
pip 4,343
Pub 12
RubyGems 987
Rust 1,137
Swift 50

Unreviewed advisories

All unreviewed 291,013

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

48 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ASTPP 4.0.1 contains an information disclosure vulnerability that allows unauthenticated... High Unreviewed

CVE-2020-37104 was published Feb 11, 2026

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Critical Unreviewed

CVE-2025-12059 was published Feb 11, 2026

The ZOLL ePCR IOS application reflects unsanitized user input into a WebView. Attacker-controlled... Moderate Unreviewed

CVE-2025-12699 was published Feb 10, 2026

IBM Business Automation Workflow containers 25.0.0 through 25.0.0 Interim Fix 002, 24.0.1 through... Moderate Unreviewed

CVE-2025-36058 was published Jan 20, 2026

Qlik Sense Enterprise v14.212.13 was discovered to contain an information leak via the /dev-hub/... High Unreviewed

CVE-2025-61138 was published Nov 21, 2025

TG8 Firewall exposes a directory such as /data/ over HTTP without authentication. This directory... High Unreviewed

CVE-2021-4471 was published Nov 15, 2025

Ubee EVW3226 cable modem/routers firmware versions up to and including 1.0.20 store configuration... High Unreviewed

CVE-2016-15056 was published Nov 15, 2025

The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed

CVE-2025-11891 was published Nov 11, 2025

Dell SupportAssist OS Recovery, versions prior to 5.5.15.0, contain an Insertion of Sensitive... Moderate Unreviewed

CVE-2025-46602 was published Oct 27, 2025

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the... Moderate Unreviewed

CVE-2025-8452 was published Aug 12, 2025

The OpenUrlToBufferTimeout method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx... Moderate Unreviewed

CVE-2014-0772 was published May 17, 2022

The OpenUrlToBuffer method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in... Moderate Unreviewed

CVE-2014-0771 was published May 17, 2022

In JetBrains TeamCity before 2025.07.1 aWS credentials were exposed in Docker script files Moderate Unreviewed

CVE-2025-57734 was published Aug 20, 2025

An unauthenticated attacker who can access either the HTTP service (TCP port 80), the HTTPS... Moderate Unreviewed

CVE-2024-51977 was published Jun 26, 2025

In devinfo, there is a possible information disclosure due to a missing SELinux policy. This... Moderate Unreviewed

CVE-2025-20665 was published May 5, 2025

Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed... High Unreviewed

CVE-2016-10399 was published May 17, 2022

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed

CVE-2025-31421 was published Apr 4, 2025

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed

CVE-2025-31558 was published Apr 3, 2025

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed

CVE-2025-31550 was published Apr 1, 2025

yimioa before v2024.07.04 was discovered to contain an information disclosure vulnerability via... Moderate Unreviewed

CVE-2025-25586 was published Mar 18, 2025

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed

CVE-2025-22633 was published Feb 24, 2025

An information exposure through log file vulnerability exists in Brocade SANnav before Brocade... Moderate Unreviewed

CVE-2022-43933 was published Feb 4, 2025

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed

CVE-2025-24689 was published Jan 27, 2025

Insertion of Sensitive Information into Externally-Accessible File or Directory vulnerability in... Moderate Unreviewed

CVE-2025-22773 was published Jan 15, 2025

During MegaBIP installation process, a user is encouraged to change a default path to... Moderate Unreviewed

CVE-2024-6880 was published Jan 10, 2025

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

48 advisories