Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
73
GitHub Actions
53
Go
4,004
Maven
5,000+
npm
5,000+
NuGet
975
pip
5,000+
Pub
13
RubyGems
1,069
Rust
1,395
Swift
61
Unreviewed advisories
All unreviewed
5,000+

24 advisories

Loading
Algernon: Single-file mode unconditionally enables debug mode High
CVE-2026-45728 was published for github.com/xyproto/algernon (Go) May 19, 2026
Dredsen Credited to Dredsen
ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure... High Unreviewed
CVE-2026-4155 was published Apr 11, 2026
Bentley Systems iTwin Platform exposed a Cesium ion access token in the source of some web pages.... Moderate Unreviewed
CVE-2026-35383 was published Apr 2, 2026
Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0,... Moderate Unreviewed
CVE-2026-22275 was published Jan 23, 2026
IBM Planning Analytics Local 2.1.0 through 2.1.14 stores sensitive information in source code... Moderate Unreviewed
CVE-2025-36299 was published Nov 17, 2025
IBM Analytics Content Hub 2.0, 2.1, 2.2, and 2.3 is vulnerable to information exposure and... Moderate Unreviewed
CVE-2024-38327 was published Jul 10, 2025
Files in the source code contain login credentials for the admin user and the property... High Unreviewed
CVE-2025-49182 was published Jun 12, 2025
IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and... Moderate Unreviewed
CVE-2025-0923 was published Jun 11, 2025
IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer... Low Unreviewed
CVE-2024-55907 was published Mar 2, 2025
An issue in Loggrove v.1.0 allows a remote attacker to obtain sensitive information via the read... High Unreviewed
CVE-2025-26013 was published Feb 21, 2025
PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext Critical
CVE-2025-23215 was published for net.sourceforge.pmd:pmd-core (Maven) Jan 31, 2025
hboutemy Credited to hboutemy and yusuke-koyoshi yusuke-koyoshi yusuke-koyoshi
IBM Maximo Application Suite 8.10, 8.11, and 9.0 - Monitor Component stores source code on the... Moderate Unreviewed
CVE-2024-35144 was published Jan 25, 2025
An issue has been discovered in GitLab EE affecting all versions starting from 16.6 prior to 17.2... Low Unreviewed
CVE-2024-9596 was published Oct 10, 2024
IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through... Moderate Unreviewed
CVE-2024-27257 was published Sep 10, 2024
A vulnerability was found in 云课网络科技有限公司 Yunke Online School System up to 1.5.5. It has been... Low Unreviewed
CVE-2024-8417 was published Sep 4, 2024
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to... Moderate Unreviewed
CVE-2024-39729 was published Jul 15, 2024
Inclusion of Sensitive Information in Source Code vulnerability in TNB Mobile Solutions Cockpit... Moderate Unreviewed
CVE-2024-1272 was published Jun 5, 2024
A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as... Low Unreviewed
CVE-2024-2355 was published Mar 10, 2024
A vulnerability, which was classified as problematic, was found in keerti1924 PHP-MYSQL-User... Moderate Unreviewed
CVE-2024-2265 was published Mar 8, 2024
IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to... Moderate Unreviewed
CVE-2023-35013 was published Oct 16, 2023
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code... Moderate Unreviewed
CVE-2023-30802 was published Oct 10, 2023
Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure... Moderate Unreviewed
CVE-2023-39250 was published Aug 16, 2023
Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers... Moderate Unreviewed
CVE-2023-23448 was published May 15, 2023
A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content... Moderate Unreviewed
CVE-2021-1516 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database