Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,004 advisories

Loading
wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability... Moderate Unreviewed
CVE-2024-10649 was published Feb 10, 2025
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Critical Unreviewed
CVE-2024-36555 was published Feb 6, 2025
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0... Moderate Unreviewed
CVE-2024-54176 was published Feb 8, 2025
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2024-7503 was published Aug 12, 2024
ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote... High Unreviewed
CVE-2019-9082 was published May 13, 2022
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does... Critical Unreviewed
CVE-2010-5326 was published May 13, 2022
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed
CVE-2024-2860 was published May 8, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21559 was published Jan 21, 2025
A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle... High Unreviewed
CVE-2024-7516 was published Nov 12, 2024
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2024-9644 was published Feb 4, 2025
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative... High Unreviewed
CVE-2022-24990 was published Feb 7, 2023
There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure... Low Unreviewed
CVE-2024-3219 was published Jul 30, 2024
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed
CVE-2025-21515 was published Jan 21, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Critical Unreviewed
CVE-2025-21524 was published Jan 21, 2025
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... High Unreviewed
CVE-2024-37368 was published Jun 14, 2024
In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow... High Unreviewed
CVE-2023-31444 was published Apr 28, 2023
In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible... Low Unreviewed
CVE-2024-54153 was published Dec 4, 2024
In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project... Low Unreviewed
CVE-2024-54155 was published Dec 4, 2024
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed
CVE-2025-24456 was published Jan 21, 2025
An unauthenticated remote attacker can modify configurations to perform a remote code execution... Critical Unreviewed
CVE-2024-25995 was published Mar 12, 2024
The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2024-10284 was published Nov 9, 2024
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed
CVE-2022-26143 was published Mar 11, 2022
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database