GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 4,963
  Erlang: 39
  GitHub Actions: 38
  Go: 2,614
  Maven: 5,000+
  npm: 4,254
  NuGet: 760
  pip: 4,031
  Pub: 12
  RubyGems: 953
  Rust: 1,049
  Swift: 45

Unreviewed advisories
  All unreviewed: 5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

15 advisories
                    
ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message Authentication Code (MAC)....
Severity: Low | Unreviewed | CVE-2019-19092 was published May 24, 2022
                    
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to...
Severity: Low | Unreviewed | CVE-2021-32453 was published May 24, 2022
                    
Free5gc v3.2.1 is vulnerable to Information disclosure.
Severity: Low | Unreviewed | CVE-2022-38870 was published Oct 25, 2022
                    
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote...
Severity: Low | Unreviewed | CVE-2022-45433 was published Dec 27, 2022
                    
The force offline MFA prompt setting is not respected when switching to offline mode in...
Severity: Low | Unreviewed | CVE-2023-0463 was published Jan 26, 2023
                    
Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0.
Severity: Low | Unreviewed | CVE-2023-0919 was published Feb 19, 2023
                    
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots,...
Severity: Low | Unreviewed | CVE-2023-29063 was published Nov 28, 2023
                    
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile...
Severity: Low | Unreviewed | CVE-2024-31684 was published Jun 3, 2024
                    
There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure...
Severity: Low | Unreviewed | CVE-2024-3219 was published Jul 30, 2024
                    
Improper handling of WiFi information by framework services can allow certain malicious...
Severity: Low | Unreviewed | CVE-2020-12492 was published Nov 25, 2024
                    
Multiple FCNT Android devices provide the original security features such as "privacy mode" where...
Severity: Low | Unreviewed | CVE-2024-53701 was published Nov 29, 2024
                    
In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible...
Severity: Low | Unreviewed | CVE-2024-54153 was published Dec 4, 2024
                    
In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project...
Severity: Low | Unreviewed | CVE-2024-54155 was published Dec 4, 2024
                    
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated...
Severity: Low | Unreviewed | CVE-2024-42178 was published Apr 18, 2025
                    
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic....
Severity: Low | Unreviewed | CVE-2025-5715 was published Jun 6, 2025
        
ProTip! Advisories are also available from the GraphQL API