GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,517
Maven: 5,000+
npm: 4,150
NuGet: 736
pip: 3,952
Pub: 12
RubyGems: 946
Rust: 1,026
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
3,383 advisories
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the...
Low | Unreviewed | CVE-2025-25618 was published Mar 17, 2025

Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows teachers to take...
Moderate | Unreviewed | CVE-2025-25621 was published Mar 17, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app...
Moderate | Unreviewed | CVE-2024-54565 was published Mar 17, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app...
Moderate | Unreviewed | CVE-2024-54559 was published Mar 17, 2025

An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS...
Critical | Unreviewed | CVE-2023-47539 was published Mar 18, 2025

CosmWasm Allows Bypass of Capability Restrictions in Blockchains
Moderate | CVE-2025-25500 was published for cosmwasm (Rust) Mar 18, 2025

TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function
High | CVE-2024-44313 was published for tastyigniter/tastyigniter (Composer) Mar 18, 2025

Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024...
High | Unreviewed | CVE-2025-25585 was published Mar 18, 2025

An issue was discovered on IROAD Dashcam V devices. It uses an unregistered public domain name as...
Critical | Unreviewed | CVE-2025-30132 was published Mar 18, 2025

Systemic Risk Value <=2.8.0 is vulnerable to improper access control in /RiskValue...
Moderate | Unreviewed | CVE-2025-26138 was published Mar 18, 2025

An issue was discovered on G-Net Dashcam BB GONX devices. Managing Settings and Obtaining...
Moderate | Unreviewed | CVE-2025-30138 was published Mar 18, 2025

An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and...
High | Unreviewed | CVE-2025-30141 was published Mar 18, 2025

An issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the...
High | Unreviewed | CVE-2025-30140 was published Mar 18, 2025

lunary-ai/lunary is vulnerable to broken access control in the latest version. An attacker can...
High | Unreviewed | CVE-2024-10272 was published Mar 20, 2025

An improper access control vulnerability (IDOR) exists in the delete attachments functionality of...
High | Unreviewed | CVE-2024-10366 was published Mar 20, 2025

In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control,...
Moderate | Unreviewed | CVE-2024-10330 was published Mar 20, 2025

In version 1.5.5 of lunary-ai/lunary, a vulnerability exists where admins, who do not have direct...
High | Unreviewed | CVE-2024-10275 was published Mar 20, 2025

In version 0.7.5 of danny-avila/LibreChat, there is an improper access control vulnerability....
Moderate | Unreviewed | CVE-2024-10363 was published Mar 20, 2025

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui...
Critical | Unreviewed | CVE-2024-11045 was published Mar 20, 2025

An improper access control vulnerability in danny-avila/librechat versions prior to 0.7.6 allows...
Critical | Unreviewed | CVE-2024-11167 was published Mar 20, 2025

GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site...
High | Unreviewed | CVE-2024-10956 was published Mar 20, 2025

An Insecure Direct Object Reference (IDOR) vulnerability exists in the `PATCH /v1/runs/:id/score`...
High | Unreviewed | CVE-2024-11137 was published Mar 20, 2025

In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a...
High | Unreviewed | CVE-2024-11300 was published Mar 20, 2025

Due to a lack of access control, unauthorized users are able to view and modify information...
High | Unreviewed | CVE-2024-2292 was published Mar 20, 2025

In version v0.3.8 of open-webui/open-webui, there is an improper access control vulnerability. On...
Moderate | Unreviewed | CVE-2024-7040 was published Mar 20, 2025

ProTip! Advisories are also available from the GraphQL API