Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,121
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

325 advisories

Loading
macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys... Critical Unreviewed
CVE-2024-57432 was published Jan 31, 2025
Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications... Critical Unreviewed
CVE-2024-21010 was published Apr 17, 2024
Incorrect Authorization in Apache Solr Critical
CVE-2020-13957 was published for org.apache.solr:solr-core (Maven) Feb 10, 2022
kurt-r2c jfposton
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS... Critical Unreviewed
CVE-2024-54530 was published Jan 28, 2025
SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on... Critical Unreviewed
CVE-2024-47857 was published Jan 31, 2025
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application... Critical Unreviewed
CVE-2024-57032 was published Jan 17, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 17.5 and... Critical Unreviewed
CVE-2024-44136 was published Jan 15, 2025
Insecure Permissions vulnerability in UAB Lexita PanteraCRM CMS v.401.152 and Patera CRM CMS v... Critical Unreviewed
CVE-2024-40530 was published Aug 5, 2024
Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful... Critical Unreviewed
CVE-2023-52538 was published Apr 8, 2024
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an... Critical Unreviewed
CVE-2025-1542 was published Mar 26, 2025
A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to... Critical Unreviewed
CVE-2022-47003 was published Feb 1, 2023
Last Yard 22.09.8-1 does not enforce HSTS headers Critical Unreviewed
CVE-2022-47714 was published Feb 1, 2023
An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass... Critical Unreviewed
CVE-2022-48066 was published Jan 27, 2023
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24233 was published Apr 1, 2025
Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of... Critical Unreviewed
CVE-2024-38392 was published Apr 2, 2025
An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for... Critical Unreviewed
CVE-2022-23739 was published Jan 17, 2023
https://www.hillstonenet.com.cn/ Hillstone Firewall SG-6000 <= 5.0.4.0 is vulnerable to Incorrect... Critical Unreviewed
CVE-2022-45778 was published Dec 28, 2022
In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, attackers can make a... Critical Unreviewed
CVE-2021-45466 was published Dec 26, 2022
Planet eStream before 6.72.10.07 allows attackers to call restricted functions, and perform... Critical Unreviewed
CVE-2022-45891 was published Dec 25, 2022
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27645 was published Mar 5, 2025
Multiple vulnerabilities in extension "Newsletter subscriber management" (fp_newsletter) Critical
CVE-2022-47408 was published for fixpunkt/fp-newsletter (Composer) Dec 14, 2022
ohader tdunlap607
oc_huff_tree_unpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid... Critical Unreviewed
CVE-2024-56431 was published Dec 25, 2024
Bookgy does not provide for proper authorisation control in multiple areas of the application.... Critical Unreviewed
CVE-2025-40619 was published Apr 29, 2025
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated... Critical Unreviewed
CVE-2022-41326 was published Nov 22, 2022
Carel Boss Mini 1.5.0 has Improper Access Control. Critical Unreviewed
CVE-2022-34827 was published Nov 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database