Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

49 advisories

Loading
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... High Unreviewed
CVE-2025-40591 was published Jun 10, 2025
Improper Preservation of Permissions vulnerability in Salesforce OmniStudio (FlexCards) allows... Moderate Unreviewed
CVE-2025-43699 was published Jun 10, 2025
Client-side enforcement of server-side security issue exists in wivia 5 all versions. If... Moderate Unreviewed
CVE-2025-47697 was published May 30, 2025
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive... High Unreviewed
CVE-2025-33137 was published May 22, 2025
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote... High Unreviewed
CVE-2025-20113 was published May 21, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-32469 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33024 was published May 13, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... Critical Unreviewed
CVE-2025-33025 was published May 13, 2025
A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic.... Moderate Unreviewed
CVE-2025-4527 was published May 11, 2025
Outsystems Multiple File Upload < 3.1.0 is vulnerable to Unrestricted File Upload. The... Moderate Unreviewed
CVE-2025-28168 was published May 5, 2025
IBM Cloud Pak for Business Automation 24.0.0 and 24.0.1 through 24.0.1 IF001 Authoring allows... Moderate Unreviewed
CVE-2025-1838 was published May 3, 2025
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the... High Unreviewed
CVE-2025-42601 was published Apr 23, 2025
W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their... High Unreviewed
CVE-2025-32808 was published Apr 11, 2025
In Zammad 6.4.x before 6.4.2, there is client-side enforcement of server-side security. When... Moderate Unreviewed
CVE-2025-32359 was published Apr 5, 2025
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet... Moderate Unreviewed
CVE-2024-52960 was published Mar 11, 2025
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330... Critical Unreviewed
CVE-2025-27681 was published Mar 5, 2025
IBM Robotic Process Automation 21.0.0 through 21.0.7.18 and 23.0.0 through 23.0.18 and IBM... Moderate Unreviewed
CVE-2024-49824 was published Jan 18, 2025
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before... High Unreviewed
CVE-2024-9844 was published Dec 10, 2024
Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to... Moderate Unreviewed
CVE-2024-6831 was published Nov 26, 2024
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least... High Unreviewed
CVE-2024-23666 was published Nov 12, 2024
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,... Moderate Unreviewed
CVE-2024-20476 was published Nov 6, 2024
IBM Business Automation Workflow 22.0.2, 23.0.1, 23.0.2, and 24.0.0 could allow a privileged... Moderate Unreviewed
CVE-2024-43188 was published Sep 18, 2024
Insufficient server-side controls in the management console of Ivanti Workspace Control version... High Unreviewed
CVE-2024-44106 was published Sep 10, 2024
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security High Unreviewed
CVE-2024-42340 was published Aug 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database