GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
169 advisories
Filter by severity
A privacy issue was addressed by removing the vulnerable code. This issue is fixed in iOS 26.1...
High
Unreviewed
CVE-2025-43389
was published
Nov 4, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in...
High
Unreviewed
CVE-2025-43405
was published
Nov 4, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
High
Unreviewed
CVE-2025-43399
was published
Nov 4, 2025
Exposure of Private Personal Information to an Unauthorized Actor (CWE-359) in the Command Centre...
Moderate
Unreviewed
CVE-2025-35981
was published
Oct 23, 2025
The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global...
Moderate
Unreviewed
CVE-2025-62644
was published
Oct 17, 2025
An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in...
Moderate
Unreviewed
CVE-2025-53950
was published
Oct 16, 2025
In Gemini iOS, when a user shared a snippet of a conversation, it would share the entire...
Low
Unreviewed
CVE-2025-5009
was published
Oct 8, 2025
Cookie storage for non-HTML temporary documents was being shared incorrectly with normal browsing...
Moderate
Unreviewed
CVE-2025-10859
was published
Sep 30, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Low
Unreviewed
CVE-2025-43357
was published
Sep 16, 2025
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS...
Moderate
Unreviewed
CVE-2025-43310
was published
Sep 16, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Moderate
Unreviewed
CVE-2025-43279
was published
Sep 16, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low
Unreviewed
CVE-2025-43301
was published
Sep 16, 2025
Presta Shop vulnerable to email enumeration
Moderate
CVE-2025-51586
was published
for
prestashop/prestashop
(Composer)
Sep 4, 2025
A low-privileged remote attacker can obtain the username of another registered Sunny Portal user...
Moderate
Unreviewed
CVE-2025-41685
was published
Aug 19, 2025
Exposure of private personal information to an unauthorized actor in Azure Stack allows an...
Moderate
Unreviewed
CVE-2025-53765
was published
Aug 12, 2025
XWiki exposes passwords and emails stored in fields not named password/email in xml.vm
High
CVE-2025-54125
was published
for
org.xwiki.platform:xwiki-platform-legacy-oldcore
(Maven)
Aug 5, 2025
XWiki leaks password hashes and other accessible password properties
High
CVE-2025-54124
was published
for
org.xwiki.platform:xwiki-platform-legacy-oldcore
(Maven)
Aug 5, 2025
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Moderate
Unreviewed
CVE-2025-43259
was published
Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and...
High
Unreviewed
CVE-2025-43227
was published
Jul 30, 2025
The issue was addressed by adding additional logic. This issue is fixed in iPadOS 17.7.9, iOS 18...
Moderate
Unreviewed
CVE-2025-43217
was published
Jul 30, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 18.6 and...
Moderate
Unreviewed
CVE-2025-31276
was published
Jul 30, 2025
DynamicPageList3 vulnerability exposes hidden/suppressed usernames
High
CVE-2025-53625
was published
for
universal-omega/dynamic-page-list3
(Composer)
Jul 10, 2025
A flaw was found in Red Hat Advanced Cluster Management through versions 2.10, before 2.10.7, 2...
Moderate
Unreviewed
CVE-2025-6017
was published
Jul 2, 2025
Exposure of private personal information to an unauthorized actor in Dynamics 365 FastTrack...
High
Unreviewed
CVE-2025-49715
was published
Jun 20, 2025
Weblate exposes personal IP address via e-mail
Low
CVE-2025-49134
was published
for
weblate
(pip)
Jun 16, 2025
ProTip!
Advisories are also available from the
GraphQL API