Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,380 advisories

Loading
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-3040 was published Apr 1, 2025
A vulnerability classified as critical has been found in Project Worlds Online Time Table... Moderate Unreviewed
CVE-2025-3041 was published Apr 1, 2025
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1... Moderate Unreviewed
CVE-2025-3042 was published Apr 1, 2025
A user authorized to access a view may be able to alter the intended collation, allowing them to... Low Unreviewed
CVE-2025-3082 was published Apr 1, 2025
A vulnerability, which was classified as critical, has been found in WonderCMS 3.5.0. Affected by... Moderate Unreviewed
CVE-2025-3123 was published Apr 3, 2025
A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by... Low Unreviewed
CVE-2025-3169 was published Apr 3, 2025
The kernel driver, accessible to low-privileged users, exposes a function that fails to properly... High Unreviewed
CVE-2025-1865 was published Apr 4, 2025
A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It... Moderate Unreviewed
CVE-2025-3244 was published Apr 4, 2025
Vite allows server.fs.deny to be bypassed with .svg or relative paths Moderate
CVE-2025-31486 was published for vite (npm) Apr 4, 2025
HSwift Iuhsssss
kikayli sw0rd1ight do9gy-msec Onetpaer
Memory corruption may occur due top improper access control in HAB process. High Unreviewed
CVE-2025-21425 was published Apr 7, 2025
A vulnerability, which was classified as critical, has been found in godcheese/code-projects... Moderate Unreviewed
CVE-2025-3324 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter Critical Unreviewed
CVE-2025-28402 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method... High Unreviewed
CVE-2025-28403 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus... Critical Unreviewed
CVE-2025-28405 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree... Critical Unreviewed
CVE-2025-28408 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of... High Unreviewed
CVE-2025-28407 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameter Critical Unreviewed
CVE-2025-28406 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of... High Unreviewed
CVE-2025-28409 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method... Critical Unreviewed
CVE-2025-28411 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28410 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave... Critical Unreviewed
CVE-2025-28412 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28413 was published Apr 7, 2025
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This... Moderate Unreviewed
CVE-2025-3410 was published Apr 8, 2025
Shopware Broken ACL on Document retrieval to access other customers documents Moderate
GHSA-68wv-g3fw-pq7q was published for shopware/core (Composer) Apr 8, 2025
Improper access control in Windows NTFS allows an authorized attacker to disclose file path... Moderate Unreviewed
CVE-2025-21197 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database