GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
52 advisories
Filter by severity
In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties...
Moderate
Unreviewed
CVE-2026-54421
was published
Jun 14, 2026
The factory reset functionality in GNCC GP5 v7.1.76 fails to clear sensitive cryptographic...
Moderate
Unreviewed
CVE-2026-36178
was published
Jun 4, 2026
A low privileged remote attacker can gain the root password due to improper removal of sensitive...
High
Unreviewed
CVE-2024-43384
was published
May 7, 2026
In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext...
High
Unreviewed
CVE-2026-43824
was published
May 2, 2026
Improper removal of sensitive information before storage or transfer in Windows Recovery...
Moderate
Unreviewed
CVE-2026-20928
was published
Apr 14, 2026
Improper removal of sensitive information before storage or transfer vulnerability in The...
High
Unreviewed
CVE-2026-39937
was published
Apr 8, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.14 before 18.7.6, 18...
Moderate
Unreviewed
CVE-2026-1182
was published
Mar 12, 2026
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18...
Moderate
Unreviewed
CVE-2026-1732
was published
Mar 11, 2026
A flaw was found in QEMU in the uefi-vars virtual device. When the guest writes to register...
Low
Unreviewed
CVE-2025-8860
was published
Feb 18, 2026
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program...
Low
Unreviewed
CVE-2025-61643
was published
Feb 3, 2026
Incomplete removal of sensitive information before transfer vulnerability in M-Files Corporation...
Moderate
Unreviewed
CVE-2025-14267
was published
Dec 19, 2025
SSH private keys of the "Remote alert handlers (Linux)" rule were exposed in the rule page's HTML...
Low
Unreviewed
CVE-2025-65000
was published
Dec 18, 2025
Improper removal of sensitive information in certain Zoom Clients before version 6.5.10 may allow...
Moderate
Unreviewed
CVE-2025-62483
was published
Nov 13, 2025
Improper removal of sensitive information before storage or transfer in AMD Crash Defender could...
Low
Unreviewed
CVE-2025-0011
was published
Sep 6, 2025
IBM Concert Software 1.0.0 through 1.1.0 could allow a remote attacker to obtain sensitive...
Moderate
Unreviewed
CVE-2025-1759
was published
Aug 18, 2025
IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0...
Moderate
Unreviewed
CVE-2025-33013
was published
Jul 25, 2025
gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript through 10.05.0 lacks...
Low
Unreviewed
CVE-2025-48708
was published
May 23, 2025
A vulnerability in the implementation of the internal system processes of Cisco APIC could allow...
Moderate
Unreviewed
CVE-2025-20118
was published
Feb 26, 2025
OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private...
High
Unreviewed
CVE-2024-8474
was published
Jan 6, 2025
In JetBrains TeamCity before 2024.12 backup file exposed user credentials and session cookies
Moderate
Unreviewed
CVE-2024-56353
was published
Dec 20, 2024
Profile files from TRO600 series radios are extracted in plain-text
and encrypted file formats....
Low
Unreviewed
CVE-2024-41156
was published
Oct 29, 2024
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: lantiq_etop:...
High
Unreviewed
CVE-2024-49997
was published
Oct 21, 2024
Windows Kernel-Mode Driver Information Disclosure Vulnerability
Moderate
Unreviewed
CVE-2024-43554
was published
Oct 8, 2024
A low privileged remote attacker can get access to CSRF tokens of higher privileged users which...
Moderate
Unreviewed
CVE-2024-7698
was published
Sep 10, 2024
Improper removal of sensitive information in data source export feature in Devolutions Remote...
Moderate
Unreviewed
CVE-2024-6055
was published
Jun 17, 2024
ProTip!
Advisories are also available from the
GraphQL API