Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

149 advisories

Loading
Cilium node based network policies may incorrectly allow workload traffic Low
CVE-2025-30163 was published for Ciliumgithub.com/cilium/cilium (Go) Mar 24, 2025
oblazek
Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers Low
CVE-2025-30162 was published for github.com/cilium/cilium (Go) Mar 24, 2025
pjablonski123
Mattermost fail to prompt for explicit approval before adding a team admin to a private channel Low
CVE-2025-27715 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 21, 2025
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on... Low Unreviewed
CVE-2025-25040 was published Mar 18, 2025
Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods Low
CVE-2025-27512 was published for zincati (Rust) Mar 17, 2025
jlebon
An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior... Low Unreviewed
CVE-2024-7296 was published Mar 13, 2025
An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all... Low Unreviewed
CVE-2024-55592 was published Mar 11, 2025
An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting... Low Unreviewed
CVE-2025-1540 was published Mar 6, 2025
Moodle allows teachers to evade trusttext config when restoring glossary entries Low
CVE-2025-26532 was published for moodle/moodle (Composer) Feb 24, 2025
Moodle has an IDOR in badges allows disabling of arbitrary badges Low
CVE-2025-26531 was published for moodle/moodle (Composer) Feb 24, 2025
An authentication issue was addressed with improved state management. This issue is fixed in iOS... Low Unreviewed
CVE-2025-24141 was published Jan 28, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.3,... Low Unreviewed
CVE-2025-24121 was published Jan 28, 2025
A privacy issue was addressed with improved private data redaction for log entries. This issue is... Low Unreviewed
CVE-2024-44172 was published Jan 28, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security:... Low Unreviewed
CVE-2025-21546 was published Jan 21, 2025
Mattermost Incorrect Authorization vulnerability Low
CVE-2025-22449 was published for github.com/mattermost/mattermost/server/v8 (Go) Jan 9, 2025
stevebeattie
A vulnerability in the firewall component of HPE Aruba Networking CX 10000 Series Switches ... Low Unreviewed
CVE-2024-54010 was published Jan 8, 2025
There is an improper authorization vulnerability in some Huawei smartphones. An attacker could... Low Unreviewed
CVE-2020-9081 was published Dec 27, 2024
Some Honor products are affected by incorrect privilege assignment vulnerability, successful... Low Unreviewed
CVE-2024-47157 was published Dec 26, 2024
Oqtane Framework Insecure Direct Object Reference vulnerability Low
CVE-2024-55186 was published for Oqtane.Client (NuGet) Dec 20, 2024
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in... Low Unreviewed
CVE-2024-9654 was published Dec 17, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 14.3 before 17.4.6... Low Unreviewed
CVE-2024-10043 was published Dec 12, 2024
Moodle's user/power level management inconsistent with suspended users Low
CVE-2024-43433 was published for moodle/moodle (Composer) Nov 11, 2024
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail... Low Unreviewed
CVE-2024-42000 was published Nov 9, 2024
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API Low
CVE-2024-48925 was published for Umbraco.CMS (NuGet) Oct 22, 2024
thanhlam-attt
Information Disclosure in TYPO3 Page Tree Low
CVE-2024-47780 was published for typo3/cms-backend (Composer) Oct 8, 2024
ohader jpmschuler
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database