Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,521
Maven
5,000+
npm
5,000+
NuGet
912
pip
4,768
Pub
13
RubyGems
1,036
Rust
1,229
Swift
53
Unreviewed advisories
All unreviewed
5,000+

57 advisories

Loading
Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that... Critical Unreviewed
CVE-2026-40035 was published Apr 9, 2026
Development and test API endpoints are present that mirror production functionality. Moderate Unreviewed
CVE-2026-32662 was published Apr 3, 2026
Digital Photo Frame GH-WDF10A provided by GREEN HOUSE CO., LTD. contains an active debug code... High Unreviewed
CVE-2026-33201 was published Mar 26, 2026
Sprig Plugin for Craft CMS potentially discloses sensitive information via Sprig Playground Moderate
CVE-2026-27131 was published for putyourlightson/craft-sprig (Composer) Mar 23, 2026
Neosprings Credited to Neosprings and bencroker bencroker bencroker
Unfurl's debug mode cannot be disabled due to string config parsing (Werkzeug debugger exposure) Critical
GHSA-vg9h-jx4v-cwx2 was published for dfir-unfurl (pip) Jan 29, 2026
mobasi-team Credited to mobasi-team
A vulnerability exists in serial device servers where active debug code remains enabled in the... High Unreviewed
CVE-2025-15017 was published Dec 31, 2025
Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal, an... Moderate Unreviewed
CVE-2025-42872 was published Dec 9, 2025
The Ubuntu edk2 UEFI firmware packages accidentally allowed the UEFI Shell to be accessed in... Low Unreviewed
CVE-2025-2486 was published Nov 26, 2025
Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code... High Unreviewed
CVE-2025-64983 was published Nov 26, 2025
An active debug code vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3,... Moderate Unreviewed
CVE-2025-54660 was published Nov 18, 2025
Active debug code for some Intel UEFI reference platforms within Ring 0: Kernel may allow a... High Unreviewed
CVE-2025-30185 was published Nov 11, 2025
A vulnerability was identified in certain UniFi Talk devices where internal debugging... High Unreviewed
CVE-2025-52663 was published Oct 31, 2025
An authenticated admin user with access to both the management WebUI and command line interface... High Unreviewed
CVE-2025-4106 was published Oct 25, 2025
There is a possible escalation of privilege due to test/debugging code left in a production build... High Unreviewed
CVE-2025-36899 was published Sep 4, 2025
Information disclosure while capturing logs as eSE debug messages are logged. Moderate Unreviewed
CVE-2025-21472 was published Aug 6, 2025
: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, ABB Switch actuator, door... High Unreviewed
CVE-2025-7705 was published Jul 22, 2025
An open debug interface was reported in the Legion Space software included on certain Legion... Moderate Unreviewed
CVE-2025-1479 was published May 30, 2025
NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended... Low Unreviewed
CVE-2025-46674 was published Apr 27, 2025
A vulnerability was found in Netis WF-2404 1.1.124EN. It has been declared as critical. This... High Unreviewed
CVE-2025-2919 was published Mar 28, 2025
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.90), SIPROTEC... High Unreviewed
CVE-2024-53648 was published Feb 11, 2025
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to authentication bypass due to... Critical Unreviewed
CVE-2024-9643 was published Feb 4, 2025
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be... Critical Unreviewed
CVE-2024-46873 was published Dec 23, 2024
A vulnerability in Cisco&nbsp;RCM for Cisco&nbsp;StarOS Software could allow an unauthenticated,... High Unreviewed
CVE-2022-20649 was published Nov 15, 2024
Active debug code vulnerability exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and... Moderate Unreviewed
CVE-2024-29075 was published Nov 12, 2024
Smart-tab Android app installed April 2023 or earlier contains an active debug code vulnerability... Moderate Unreviewed
CVE-2024-41999 was published Sep 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database