GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,785

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

69 advisories

Filter by severity

Sort by

Least recently updated

An information disclosure vulnerability in GitLab CE/EE affecting all versions from 8.3 prior to... Moderate Unreviewed

CVE-2025-1212 was published Feb 12, 2025

School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing... Critical Unreviewed

CVE-2025-1144 was published Feb 11, 2025

A Local File Inclusion (LFI) vulnerability exists in the /load-workflow endpoint of modelscope... High Unreviewed

CVE-2024-8550 was published Feb 10, 2025

Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h and Forever... Critical Unreviewed

CVE-2024-36554 was published Feb 6, 2025

IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0)... Moderate Unreviewed

CVE-2024-37526 was published Jan 28, 2025

IBM InfoSphere Information Server 11.7 could allow a remote user to obtain sensitive version... Moderate Unreviewed

CVE-2024-40706 was published Jan 24, 2025

A valid set of credentials in a .js file and a static token for communication were obtained from... Moderate Unreviewed

CVE-2024-53683 was published Jan 17, 2025

A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to... Moderate Unreviewed

CVE-2024-11029 was published Jan 15, 2025

SAP BusinessObjects Business Intelligence Platform allows an unauthenticated attacker to perform... High Unreviewed

CVE-2025-0061 was published Jan 14, 2025

SAP GUI for Java saves user input on the client PC to improve usability. An attacker with... Moderate Unreviewed

CVE-2025-0056 was published Jan 14, 2025

SAP GUI for Windows stores user input on the client PC to improve usability. Under very specific... Moderate Unreviewed

CVE-2025-0055 was published Jan 14, 2025

Applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP store user input... Moderate Unreviewed

CVE-2025-0059 was published Jan 14, 2025

IBM Security ReaQta 3.12 returns sensitive information in an HTTP response that could be used in... Moderate Unreviewed

CVE-2024-45640 was published Jan 7, 2025

IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system... Moderate Unreviewed

CVE-2024-52367 was published Jan 7, 2025

Infinix devices contain a pre-loaded "com.rlk.weathers" application, that exposes an unsecured... Moderate Unreviewed

CVE-2024-12993 was published Dec 30, 2024

Multiple SHARP routers contain an improper authentication vulnerability in the configuration... Moderate Unreviewed

CVE-2024-52321 was published Dec 23, 2024

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... High Unreviewed

CVE-2024-54279 was published Dec 16, 2024

IBM InfoSphere DataStage Flow Designer (InfoSphere Information Server 11.7) could allow an... Low Unreviewed

CVE-2023-23472 was published Dec 11, 2024

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to... Moderate Unreviewed

CVE-2024-32732 was published Dec 10, 2024

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed

CVE-2024-53814 was published Dec 9, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 exposes server details that could allow an attacker... Moderate Unreviewed

CVE-2024-25035 was published Dec 3, 2024

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE... Moderate Unreviewed

CVE-2024-53768 was published Nov 30, 2024

The uyuni-server-attestation systemd service needs a database_password environment variable. This... Moderate Unreviewed

CVE-2024-22037 was published Nov 28, 2024

An issue has been discovered in GitLab EE affecting all versions starting from 17.3 before 17.3.7... Moderate Unreviewed

CVE-2024-10240 was published Nov 26, 2024

A vulnerability exists in NSD570 that allows any authenticated user to access all device logs... Moderate Unreviewed

CVE-2024-9929 was published Nov 26, 2024

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

69 advisories