Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,662
Maven
5,000+
npm
4,289
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
Improper access control in the certificate management component of Ivanti Connect Secure before... Moderate Unreviewed
CVE-2025-5450 was published Jul 8, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Moderate Unreviewed
CVE-2025-43699 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... High Unreviewed
CVE-2025-40591 was published Jun 10, 2025
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If... Moderate Unreviewed
CVE-2025-47697 was published May 30, 2025
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive... High Unreviewed
CVE-2025-33137 was published May 22, 2025
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed... Moderate Unreviewed
CVE-2022-3047 was published Sep 27, 2022
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote... High Unreviewed
CVE-2025-20113 was published May 21, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-32469 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33025 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33024 was published May 13, 2025
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4527 was published May 11, 2025
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed
CVE-2025-28168 was published May 5, 2025
Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62... High Unreviewed
CVE-2022-3308 was published Nov 2, 2022
Insufficient policy enforcement in custom tabs in Google Chrome on Android prior to 106.0.5249.62... Moderate Unreviewed
CVE-2022-3310 was published Nov 2, 2022
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows... Moderate Unreviewed
CVE-2025-1838 was published May 3, 2025
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the... High Unreviewed
CVE-2025-42601 was published Apr 23, 2025
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX... Moderate Unreviewed
CVE-2017-14013 was published May 13, 2022
W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their... High Unreviewed
CVE-2025-32808 was published Apr 11, 2025
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When... Moderate Unreviewed
CVE-2025-32359 was published Apr 5, 2025
Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a... Moderate Unreviewed
CVE-2023-0704 was published Feb 7, 2023
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet... Moderate Unreviewed
CVE-2024-52960 was published Mar 11, 2025
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM... Moderate Unreviewed
CVE-2024-49824 was published Jan 18, 2025
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before... High Unreviewed
CVE-2024-9844 was published Dec 10, 2024
Password Policy Bypass Vulnerability in Fides Webserver User Accept Invite API Low
CVE-2024-52008 was published for ethyca-fides (pip) Nov 26, 2024
h0wl andres-torres-marroquin
daveqnet erosselli
Credited to h0wl, andres-torres-marroquin, daveqnet, and erosselli
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database