Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,681
Maven
5,000+
npm
4,311
NuGet
760
pip
4,084
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,334 advisories

Loading
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the... Moderate Unreviewed
CVE-2021-3979 was published Aug 26, 2022
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password... Moderate Unreviewed
CVE-2023-4641 was published Dec 27, 2023
A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Moderate Unreviewed
CVE-2025-11633 was published Oct 12, 2025
Moodle does not properly enforce MFA Moderate
CVE-2025-62398 was published for moodle/moodle (Composer) Oct 23, 2025
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote... Moderate Unreviewed
CVE-2013-0625 was published May 17, 2022
Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform... Moderate Unreviewed
CVE-2025-49706 was published Jul 8, 2025
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient... Moderate Unreviewed
CVE-2024-37085 was published Jun 25, 2024
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8196 was published May 24, 2022
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8193 was published May 24, 2022
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed
CVE-2022-23134 was published Feb 9, 2022
A flaw has been found in 70mai X200 up to 20251010. Affected is an unknown function of the... Moderate Unreviewed
CVE-2025-11942 was published Oct 19, 2025
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160.... Moderate Unreviewed
CVE-2025-4015 was published Apr 28, 2025
A vulnerability was found in ProjectsAndPrograms School Management System up to... Moderate Unreviewed
CVE-2025-11661 was published Oct 13, 2025
A vulnerability was found in Apeman ID71 218.53.203.117. The impacted element is an unknown... Moderate Unreviewed
CVE-2025-11852 was published Oct 16, 2025
An issue in RTSPtoWeb v.2.4.3 allows a remote attacker to obtain sensitive information and... Moderate Unreviewed
CVE-2025-56578 was published Sep 10, 2025
In infiniflow/ragflow version v0.12.0, there is an improper authentication vulnerability that... Moderate Unreviewed
CVE-2024-12869 was published Mar 20, 2025
An improper authentication vulnerability [CWE-287] in Fortinet FortiAnalyzer version 7.6.0... Moderate Unreviewed
CVE-2025-53845 was published Oct 14, 2025
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to... Moderate Unreviewed
CVE-2025-4018 was published Apr 28, 2025
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to... Moderate Unreviewed
CVE-2025-4019 was published Apr 28, 2025
An attacker with access to the network where the vulnerable device is located could capture... Moderate Unreviewed
CVE-2025-2859 was published Mar 28, 2025
MCPHub has an Improper Authorization vulnerability via its handleSseConnection function Moderate
CVE-2025-11287 was published for @samanhappy/mcphub (npm) Oct 5, 2025
A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function... Moderate Unreviewed
CVE-2025-11529 was published Oct 9, 2025
An improper authentication vulnerability has been reported to affect QNAP Authenticator. If an... Moderate Unreviewed
CVE-2025-54154 was published Oct 3, 2025
A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus... Moderate Unreviewed
CVE-2025-6533 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database