Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,377 advisories

Loading
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized... High Unreviewed
CVE-2025-26678 was published Apr 8, 2025
Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to... Moderate Unreviewed
CVE-2025-27738 was published Apr 8, 2025
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-27744 was published Apr 8, 2025
Improper access control in Visual Studio allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-29804 was published Apr 8, 2025
Improper access control in Active Directory Domain Services allows an authorized attacker to... High Unreviewed
CVE-2025-29810 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access... Critical Unreviewed
CVE-2025-30281 was published Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are... Moderate Unreviewed
CVE-2025-27191 was published Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are... Moderate Unreviewed
CVE-2025-27190 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access... High Unreviewed
CVE-2025-30288 was published Apr 8, 2025
An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS... Low Unreviewed
CVE-2023-42969 was published Apr 11, 2025
Improper access control in Visual Studio Code allows an authorized attacker to elevate privileges... Moderate Unreviewed
CVE-2025-32726 was published Apr 12, 2025
A vulnerability was found in Lingxing ERP 2. It has been classified as critical. This affects an... Moderate Unreviewed
CVE-2025-3552 was published Apr 14, 2025
A vulnerability was found in Lingxing ERP 2 and classified as critical. Affected by this issue is... Moderate Unreviewed
CVE-2025-3551 was published Apr 14, 2025
A vulnerability, which was classified as critical, was found in ghostxbh uzy-ssm-mall 1.0.0. This... Moderate Unreviewed
CVE-2025-3558 was published Apr 14, 2025
A vulnerability classified as critical was found in huanfenz/code-projects StudentManager 1.0.... Moderate Unreviewed
CVE-2025-3565 was published Apr 14, 2025
A vulnerability, which was classified as critical, has been found in veal98 小牛肉 Echo 开源社区系统 4.2.... Moderate Unreviewed
CVE-2025-3566 was published Apr 14, 2025
A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an... Moderate Unreviewed
CVE-2025-3585 was published Apr 14, 2025
A vulnerability was found in ZHENFENG13/code-projects My-Blog-layui 1.0. It has been declared as... Moderate Unreviewed
CVE-2025-3593 was published Apr 15, 2025
Dell Trusted Device, versions prior to 7.0.3.0, contain an Incorrect Default Permissions ... Moderate Unreviewed
CVE-2025-29984 was published Apr 15, 2025
code-gen <=2.0.6 is vulnerable to Incorrect Access Control. The project does not have permission... Moderate Unreviewed
CVE-2025-29705 was published Apr 15, 2025
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle... Moderate Unreviewed
CVE-2025-21573 was published Apr 15, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... High Unreviewed
CVE-2025-21587 was published Apr 15, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... Moderate Unreviewed
CVE-2025-21586 was published Apr 15, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported... Moderate Unreviewed
CVE-2025-21588 was published Apr 15, 2025
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that... Moderate Unreviewed
CVE-2025-30694 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database