Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,675
Maven
5,000+
npm
4,297
NuGet
760
pip
4,077
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

197 advisories

Loading
An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user... Moderate Unreviewed
CVE-2024-13916 was published May 30, 2025
A exposure of sensitive system information to an unauthorized control sphere in Fortinet... Low Unreviewed
CVE-2025-24473 was published May 28, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Low Unreviewed
CVE-2025-2236 was published May 27, 2025
Exposure of file path, file size or file existence vulnerabilities in ASPECT provide attackers... Moderate Unreviewed
CVE-2025-30170 was published May 22, 2025
The affected products could allow an unauthenticated attacker to access system information that... High Unreviewed
CVE-2025-4364 was published May 20, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Solid... Moderate Unreviewed
CVE-2025-39394 was published May 19, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-32299 was published May 16, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-31062 was published May 16, 2025
In BlueWave Checkmate before 2.1, an authenticated regular user can access sensitive application... Moderate Unreviewed
CVE-2025-48024 was published May 15, 2025
sudo-rs Allows Low Privilege Users to Enumerate Privileges of Others Low
CVE-2025-46718 was published for sudo-rs (Rust) May 13, 2025
zonia3000 squell
bjorn3
Credited to zonia3000, squell, and bjorn3
sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders Low
CVE-2025-46717 was published for sudo-rs (Rust) May 13, 2025
squell rnijveld
Credited to squell and rnijveld
The Live Auction Cockpit in SAP Supplier Relationship Management (SRM) uses a deprecated java... Moderate Unreviewed
CVE-2025-30011 was published May 13, 2025
An authenticated user without user-management permissions could identify other user accounts. Moderate Unreviewed
CVE-2025-46747 was published May 12, 2025
Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk... Moderate Unreviewed
CVE-2025-3506 was published May 8, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-47540 was published May 7, 2025
Vestel AC Charger version 3.75.0 contains a vulnerability that could enable an attacker to... High Unreviewed
CVE-2025-3606 was published Apr 25, 2025
A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly... Moderate Unreviewed
CVE-2025-46421 was published Apr 24, 2025
ses's global contour bindings leak into Compartment lexical scope High
CVE-2025-32792 was published for ses (npm) Apr 18, 2025
mingijunggrape michaelfig
mhofman kriskowal
Credited to mingijunggrape, michaelfig, mhofman, and kriskowal
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-39439 was published Apr 17, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-39589 was published Apr 16, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-39556 was published Apr 16, 2025
Mattermost doesn't restrict domains LLM can request to contact upstream Low
CVE-2025-31363 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... High Unreviewed
CVE-2025-26730 was published Apr 16, 2025
Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications... High Unreviewed
CVE-2025-30686 was published Apr 15, 2025
IBM Aspera Console 3.4.0 through 3.4.4 could disclose sensitive information in HTTP headers that... Moderate Unreviewed
CVE-2022-43852 was published Apr 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database