Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a... High Unreviewed
CVE-2025-0359 was published Mar 4, 2025
IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations Critical
CVE-2025-27507 was published for github.com/zitadel/zitadel (Go) Mar 4, 2025
amit-laish livio-a
fforootd adlerhurst
A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality.... Moderate Unreviewed
CVE-2024-39352 was published Mar 4, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27645 was published Mar 5, 2025
Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an... High Unreviewed
CVE-2025-2003 was published Mar 5, 2025
An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting... Low Unreviewed
CVE-2025-1540 was published Mar 6, 2025
Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior... Moderate Unreviewed
CVE-2025-2045 was published Mar 6, 2025
An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows... High Unreviewed
CVE-2025-27822 was published Mar 8, 2025
Umbraco Allows Improper API Access Control to Low-Privilege Users to Data Type Functionality Moderate
CVE-2025-27601 was published for Umbraco.Cms.Api.Management (NuGet) Mar 11, 2025
Umbraco Allows a Restricted Editor User to Delete Media Item or Access Unauthorized Content Moderate
CVE-2025-27602 was published for Umbraco.Cms.Web.Backoffice (NuGet) Mar 11, 2025
hazemeldoc
An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow... High Unreviewed
CVE-2024-45328 was published Mar 11, 2025
An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all... Low Unreviewed
CVE-2024-55592 was published Mar 11, 2025
An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17... Moderate Unreviewed
CVE-2025-0652 was published Mar 13, 2025
An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior... Low Unreviewed
CVE-2024-7296 was published Mar 13, 2025
This vulnerability exists in the CAP back office application due to improper authorization checks... High Unreviewed
CVE-2025-29997 was published Mar 13, 2025
Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows... High Unreviewed
CVE-2025-30074 was published Mar 16, 2025
Broken access control vulnerability in the Innovación y Cualificación local administration plugin... Moderate Unreviewed
CVE-2025-2202 was published Mar 17, 2025
Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This... Moderate Unreviewed
CVE-2025-2201 was published Mar 17, 2025
Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods Low
CVE-2025-27512 was published for zincati (Rust) Mar 17, 2025
jlebon
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on... Low Unreviewed
CVE-2025-25040 was published Mar 18, 2025
Mattermost Fails to Properly Perform Viewer Role Authorization Moderate
CVE-2025-1472 was published for github.com/mattermost/mattermost-server (Go) Mar 19, 2025
XWiki uses the wrong wiki reference in AuthorizationManager High
CVE-2025-29924 was published for org.xwiki.platform:xwiki-platform-security-authorization-api (Maven) Mar 19, 2025
A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low... High Unreviewed
CVE-2024-10109 was published Mar 20, 2025
An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc... Moderate Unreviewed
CVE-2024-9159 was published Mar 20, 2025
DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema. Moderate Unreviewed
CVE-2025-26853 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database