GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

37 advisories

Client-Side Enforcement of Server-Side Security (CWE-602) in the Command Centre Server allows a...
Moderate | Unreviewed | CVE-2025-41402 was published Oct 23, 2025

Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing...
Moderate | Unreviewed | CVE-2025-56694 was published Aug 27, 2025

A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0....
Moderate | Unreviewed | CVE-2025-8792 was published Aug 10, 2025

IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an authenticated user to perform...
Moderate | Unreviewed | CVE-2025-36039 was published Jul 31, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-41751 was published Jul 23, 2025

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2...
Moderate | Unreviewed | CVE-2024-41750 was published Jul 23, 2025

IBM OpenPages with Watson 8.3 and 9.0 is vulnerable to improper input validation due to...
Moderate | Unreviewed | CVE-2025-27367 was published Jul 8, 2025

Improper access control in the certificate management component of Ivanti Connect Secure before...
Moderate | Unreviewed | CVE-2025-5450 was published Jul 8, 2025

Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows...
Moderate | Unreviewed | CVE-2025-43699 was published Jun 10, 2025

Client-side enforcement of server-side security issue exists in wivia 5 all versions. If...
Moderate | Unreviewed | CVE-2025-47697 was published May 30, 2025

A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic....
Moderate | Unreviewed | CVE-2025-4527 was published May 11, 2025

Out-of-bounds data read vulnerability in the authorization module. Impact: Successful exploitation...
Moderate | Unreviewed | CVE-2025-46591 was published May 6, 2025

Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The...
Moderate | Unreviewed | CVE-2025-28168 was published May 5, 2025

IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows...
Moderate | Unreviewed | CVE-2025-1838 was published May 3, 2025

In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When...
Moderate | Unreviewed | CVE-2025-32359 was published Apr 5, 2025

A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet...
Moderate | Unreviewed | CVE-2024-52960 was published Mar 11, 2025

IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM...
Moderate | Unreviewed | CVE-2024-49824 was published Jan 18, 2025

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to...
Moderate | Unreviewed | CVE-2024-6831 was published Nov 26, 2024

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,...
Moderate | Unreviewed | CVE-2024-20476 was published Nov 6, 2024

IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged...
Moderate | Unreviewed | CVE-2024-43188 was published Sep 18, 2024

A client-side enforcement of server-side security in Fortinet FortiPortal version 6.0.0 through 6...
Moderate | Unreviewed | CVE-2023-48789 was published Jun 3, 2024

Client-Side Enforcement of Server-Side Security vulnerability in Highfivery LLC Zero Spam allows...
Moderate | Unreviewed | CVE-2024-32521 was published May 17, 2024

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows...
Moderate | Unreviewed | CVE-2024-32685 was published May 17, 2024

Client-Side Enforcement of Server-Side Security vulnerability in weForms allows Removing...
Moderate | Unreviewed | CVE-2024-32512 was published May 17, 2024

Client-Side enforcement of Server-Side security for the Command Centre server could be bypassed...
Moderate | Unreviewed | CVE-2023-23570 was published Dec 19, 2023

ProTip! Advisories are also available from the GraphQL API