Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,781 advisories

Loading
An incorrect authorization vulnerability exists in multiple WSO2 products due to a business logic... Critical Unreviewed
CVE-2024-6914 was published May 22, 2025
Device commissioning parameters in ASPECT may be modified by an external source if administrative... High Unreviewed
CVE-2024-13947 was published May 22, 2025
Tokens stored in plain text by PaaSLane Estimate Plugin Moderate
CVE-2023-50777 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023
Rancher users who can create Projects can gain access to arbitrary projects High
CVE-2024-22031 was published for github.com/rancher/rancher (Go) Apr 25, 2025
AnonySE26
IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due... Moderate Unreviewed
CVE-2025-25026 was published May 28, 2025
An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0... High Unreviewed
CVE-2025-25251 was published May 28, 2025
Unauthorized access vulnerability in the card management module. Successful exploitation of this... High Unreviewed
CVE-2023-49246 was published Dec 6, 2023
Liferay Portal and Liferay DXP Has Company Administrator Accounts Vulnerable to Takeovers High
CVE-2021-33335 was published for com.liferay.portal:release.dxp.bom (Maven) May 24, 2022
MantisBT unauthorized users able to access private files Moderate
CVE-2020-25781 was published for mantisbt/mantisbt (Composer) May 24, 2022
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute... High Unreviewed
CVE-2024-22938 was published Jan 30, 2024
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for... Critical Unreviewed
CVE-2022-28321 was published Sep 20, 2022
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
Mattermost improperly allows team administrators to modify team invites Moderate
CVE-2025-3913 was published for github.com/mattermost/mattermost/server/v8 (Go) May 29, 2025
MantisBT Incorrect Authorization for bug_revision_view_page.php check High
CVE-2020-35849 was published for mantisbt/mantisbt (Composer) May 24, 2022
MantisBT Incorrect Authorization in bug_actiongroup_page.php Moderate
CVE-2020-29605 was published for mantisbt/mantisbt (Composer) May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28401 was published May 24, 2022
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses... High Unreviewed
CVE-2022-34908 was published Feb 27, 2023
An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify... Moderate Unreviewed
CVE-2023-26097 was published Apr 24, 2023
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed
CVE-2024-7097 was published May 30, 2025
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper... Moderate Unreviewed
CVE-2018-10212 was published May 13, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... High Unreviewed
CVE-2020-28402 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28404 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... High Unreviewed
CVE-2020-28405 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28406 was published May 24, 2022
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration... High Unreviewed
CVE-2021-38615 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database