GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
157 advisories
Zipkin through 3.5.1 has a /heapdump endpoint (associated with the use of Spring Boot Actuator),...
Moderate | Unreviewed | CVE-2025-53602 was published Jul 4, 2025
Insecure Default Initialization of Resource vulnerability in Apache Solr
High | CVE-2024-45217 was published for org.apache.solr:solr (Maven) Oct 16, 2024
The Versa Director software exposes a number of services by default and allows attackers an easy...
Critical | Unreviewed | CVE-2025-24288 was published Jun 19, 2025
The CS5000 Fire Panel is vulnerable due to a default account that exists on the panel. Even...
Critical | Unreviewed | CVE-2025-41438 was published May 30, 2025
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap...
Moderate | Unreviewed | CVE-2025-48927 was published May 28, 2025
A vulnerability has been identified in IEC 1Ph 7.4kW Child socket (8EM1310-2EH04-0GA0) (All...
High | Unreviewed | CVE-2025-31930 was published May 13, 2025
In the Linux kernel, the following vulnerability has been resolved: dm btree remove: assign...
Moderate | Unreviewed | CVE-2021-47343 was published May 21, 2024
An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an...
Moderate | Unreviewed | CVE-2023-48733 was published Feb 15, 2024
CNCF K3s Kubernetes kubelet configuration exposes credentials
Moderate | CVE-2025-46599 was published for github.com/k3s-io/k3s (Go) Apr 25, 2025
Insecure default variable initialization of Intel(R) RealSense(TM) ID Solution F450 before...
Moderate | Unreviewed | CVE-2021-33130 was published May 13, 2022
In JetBrains RubyMine before 2025.1 remote Interpreter overwrote ports to listen on all interfaces
High | Unreviewed | CVE-2025-43015 was published Apr 17, 2025
An issue was discovered in Schneider Electric Wonderware Historian 2014 R2 SP1 P01 and earlier....
High | Unreviewed | CVE-2017-5155 was published May 13, 2022
An issue was discovered in Schneider Electric Tableau Server/Desktop Versions 7.0 to 10.1.3 in...
Critical | Unreviewed | CVE-2017-5178 was published May 13, 2022
wp-mail.php in WordPress before 4.7.1 might allow remote attackers to bypass intended posting...
Moderate | Unreviewed | CVE-2017-5491 was published May 13, 2022
Insecure default settings have been found in recorder products provided by Yokogawa Electric...
Critical | Unreviewed | CVE-2025-1863 was published Apr 18, 2025
Shopware default newsletter opt-in settings allow for mass sign-up abuse
Low | CVE-2025-32378 was published for shopware/core (Composer) Apr 9, 2025
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could...
Moderate | Unreviewed | CVE-2025-2442 was published Apr 9, 2025
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could...
Moderate | Unreviewed | CVE-2025-2441 was published Apr 9, 2025
Insecure default variable initialization in some Zoom Workplace Apps for Windows may allow an...
Low | Unreviewed | CVE-2025-27443 was published Apr 8, 2025
Dell Common Event Enabler, version(s) CEE 9.0.0.0, contain(s) an Initialization of a Resource...
Moderate | Unreviewed | CVE-2025-29985 was published Apr 8, 2025
Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have...
Moderate | Unreviewed | CVE-2025-27809 was published Mar 25, 2025
Initialization of a resource with an insecure default vulnerability exists in JavaTM Platform Ver...
High | Unreviewed | CVE-2024-41995 was published Aug 6, 2024
An unauthenticated remote attacker can gain limited information of the PLC network but the user...
Moderate | Unreviewed | CVE-2024-41975 was published Mar 18, 2025
CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could...
Critical | Unreviewed | CVE-2025-1960 was published Mar 12, 2025
A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects...
Moderate | Unreviewed | CVE-2025-2129 was published Mar 9, 2025
ProTip! Advisories are also available from the GraphQL API