Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS... Moderate Unreviewed
CVE-2025-30440 was published May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed
CVE-2025-31227 was published May 13, 2025
IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive... Moderate Unreviewed
CVE-2022-38388 was published Oct 11, 2022
OpenCanary Executes Commands From Potentially Writable Config File Moderate
CVE-2024-48911 was published for OpenCanary (pip) Oct 14, 2024
rootkiTED DavidBakerEffendi
AndreiDreyer
Mattermost Fails to Validate Team Invite Permissions Moderate
CVE-2025-3446 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
Mattermost Fails to Verify User's Permissions When Accessing Groups Moderate
CVE-2025-2527 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
Mattermost Fails to Check User Access to `ExperimentalSettings` Low
CVE-2025-2570 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed
CVE-2025-4101 was published May 17, 2025
In the Linux kernel, the following vulnerability has been resolved: tracefs: Reset permissions... High Unreviewed
CVE-2024-36963 was published Jun 3, 2024
TYPO3 Allows Information Disclosure via DBAL Restriction Handling Low
CVE-2025-47937 was published for typo3/cms-core (Composer) May 20, 2025
christianfutterlieb eliashaeussler
In affected versions of Octopus Deploy it is possible to bypass rate limiting on login using null... Critical Unreviewed
CVE-2022-2778 was published Oct 1, 2022
In Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequently... High Unreviewed
CVE-2025-1416 was published May 21, 2025
In Proget MDM, a low-privileged user can access information about changes contained in backups of... Moderate Unreviewed
CVE-2025-1417 was published May 21, 2025
A low-privileged user can access information about profiles created in Proget MDM (Mobile Device... Moderate Unreviewed
CVE-2025-1418 was published May 21, 2025
Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has... Moderate Unreviewed
CVE-2022-40816 was published Sep 28, 2022
A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure... Moderate Unreviewed
CVE-2025-20257 was published May 21, 2025
Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a... Moderate Unreviewed
CVE-2022-3057 was published Sep 27, 2022
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0... Moderate Unreviewed
CVE-2022-3048 was published Sep 27, 2022
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195... Moderate Unreviewed
CVE-2022-3056 was published Sep 27, 2022
A low-privileged user is able to obtain information about tasks executed on devices controlled by... Moderate Unreviewed
CVE-2025-1415 was published May 21, 2025
Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed... Moderate Unreviewed
CVE-2022-2861 was published Sep 27, 2022
Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a... Moderate Unreviewed
CVE-2022-3044 was published Sep 27, 2022
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed... Moderate Unreviewed
CVE-2022-3047 was published Sep 27, 2022
Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed... High Unreviewed
CVE-2022-3045 was published Sep 27, 2022
System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if... High Unreviewed
CVE-2025-30171 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database