Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,377 advisories

Loading
Improper access control of endpoint in HCL Domino Leap allows certain admin users to import... Moderate Unreviewed
CVE-2024-30146 was published May 1, 2025
Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46629 was published May 2, 2025
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between... High Unreviewed
CVE-2025-46635 was published May 2, 2025
Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03... High Unreviewed
CVE-2025-46628 was published May 2, 2025
Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint. Critical Unreviewed
CVE-2024-48905 was published May 2, 2025
A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2... Moderate Unreviewed
CVE-2025-4258 was published May 5, 2025
A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-4259 was published May 5, 2025
Improper access control in PAM feature in Devolutions Server 2025.1.6.0 and earlier allows a PAM... Moderate Unreviewed
CVE-2025-4316 was published May 5, 2025
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote... Moderate Unreviewed
CVE-2025-4051 was published May 5, 2025
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to... High Unreviewed
CVE-2025-45237 was published May 5, 2025
Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers... High Unreviewed
CVE-2025-45609 was published May 5, 2025
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45608 was published May 5, 2025
Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows... High Unreviewed
CVE-2025-45610 was published May 5, 2025
BRCC Incorrect Access Control vulnerability Critical
CVE-2025-45616 was published for com.baidu.mapp:brcc-core (Maven) May 5, 2025
Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to... High Unreviewed
CVE-2025-45613 was published May 5, 2025
Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain... Critical Unreviewed
CVE-2025-45615 was published May 5, 2025
Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to... High Unreviewed
CVE-2025-45614 was published May 5, 2025
Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to... Critical Unreviewed
CVE-2025-45611 was published May 5, 2025
Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis... Moderate Unreviewed
CVE-2025-45618 was published May 5, 2025
Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted... Critical Unreviewed
CVE-2025-45612 was published May 5, 2025
Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45617 was published May 5, 2025
A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is... Moderate Unreviewed
CVE-2025-4291 was published May 6, 2025
A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This... Moderate Unreviewed
CVE-2025-4305 was published May 6, 2025
A vulnerability classified as critical has been found in itsourcecode Content Management System 1... Moderate Unreviewed
CVE-2025-4310 was published May 6, 2025
Memory corruption during memory mapping into protected VM address space due to incorrect API... High Unreviewed
CVE-2024-49842 was published May 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database