GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,946

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

57 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The BigFix SaaS's HTTP responses were missing some security headers. The absence of these headers... Moderate Unreviewed

CVE-2025-52622 was published Dec 2, 2025

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the smbd_response... Moderate Unreviewed

CVE-2025-38523 was published Aug 16, 2025

Jenkins Eggplant Runner Plugin protection mechanism disabled Moderate

CVE-2025-64135 was published for io.jenkins.plugins:eggplant-runner (Maven) Oct 29, 2025

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed

CVE-2022-47196 was published Jan 19, 2023

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation... Moderate Unreviewed

CVE-2022-47194 was published Jan 19, 2023

An issue was discovered in Siime Eye 14.1.00000001.3.330.0.0.3.14. It uses a default SSID value,... Moderate Unreviewed

CVE-2020-11917 was published Nov 7, 2024

By failing to authenticate three times to an unconfigured Abilis CPX device via SSH, an attacker... Moderate Unreviewed

CVE-2025-35021 was published Nov 4, 2025

The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap... Moderate Unreviewed

CVE-2025-48927 was published May 28, 2025

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix... Moderate Unreviewed

CVE-2022-49099 was published Oct 14, 2025

Denial of Service in Forescout SecureConnector 11.1.02.1019 on Windows allows Unprivileged user... Moderate Unreviewed

CVE-2024-9949 was published Oct 23, 2024

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with... Moderate Unreviewed

CVE-2025-41245 was published Sep 29, 2025

Liferay has Insecure Default Initialization of Resource issue Moderate

CVE-2025-43797 was published for com.liferay:com.liferay.site.admin.web (Maven) Sep 16, 2025

During a short time frame while the device is booting an unauthenticated remote attacker can send... Moderate Unreviewed

CVE-2025-41713 was published Sep 15, 2025

In generateRandomPassword of LocalBluetoothLeBroadcast.java, there is a possible way to intercept... Moderate Unreviewed

CVE-2025-32330 was published Sep 4, 2025

Liferay Portal and Liferay DXP HTTP Header Can Expose Versions Moderate

CVE-2024-26267 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 20, 2024

Zipkin Server vulnerable to Insecure Resource Initialization through its /heapdump endpoint Moderate

CVE-2025-53602 was published for io.zipkin:zipkin-server (Maven) Jul 4, 2025

In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign... Moderate Unreviewed

CVE-2021-47343 was published May 21, 2024

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an... Moderate Unreviewed

CVE-2023-48733 was published Feb 15, 2024

CNCF K3s Kubernetes kubelet configuration exposes credentials Moderate

CVE-2025-46599 was published for github.com/k3s-io/k3s (Go) Apr 25, 2025

Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before... Moderate Unreviewed

CVE-2021-33130 was published May 13, 2022

wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting... Moderate Unreviewed

CVE-2017-5491 was published May 13, 2022

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Moderate Unreviewed

CVE-2025-2441 was published Apr 9, 2025

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could... Moderate Unreviewed

CVE-2025-2442 was published Apr 9, 2025

Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource... Moderate Unreviewed

CVE-2025-29985 was published Apr 8, 2025

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have... Moderate Unreviewed

CVE-2025-27809 was published Mar 25, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

57 advisories