GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,824
Composer 4,869
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,923
npm 4,122
NuGet 735
pip 3,942
Pub 12
RubyGems 945
Rust 1,019
Swift 39

Unreviewed advisories

All unreviewed 269,039

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,044 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A low-privileged user is able to obtain information about tasks executed on devices controlled by... Moderate Unreviewed

CVE-2025-1415 was published May 21, 2025

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure... Moderate Unreviewed

CVE-2025-20257 was published May 21, 2025

In Proget MDM, a low-privileged user can access information about changes contained in backups of... Moderate Unreviewed

CVE-2025-1417 was published May 21, 2025

A low-privileged user can access information about profiles created in Proget MDM (Mobile Device... Moderate Unreviewed

CVE-2025-1418 was published May 21, 2025

The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed

CVE-2025-4101 was published May 17, 2025

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed

CVE-2025-31227 was published May 13, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS... Moderate Unreviewed

CVE-2025-30440 was published May 13, 2025

Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability... Moderate Unreviewed

CVE-2025-3272 was published May 7, 2025

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all... Moderate Unreviewed

CVE-2025-3609 was published May 6, 2025

The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-3861 was published Apr 25, 2025

In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new... Moderate Unreviewed

CVE-2025-46544 was published Apr 25, 2025

A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive... Moderate Unreviewed

CVE-2024-10306 was published Apr 23, 2025

Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux... Moderate Unreviewed

CVE-2024-12862 was published Apr 21, 2025

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create... Moderate Unreviewed

CVE-2025-43921 was published Apr 20, 2025

IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 could allow an authenticated... Moderate Unreviewed

CVE-2024-49808 was published Apr 18, 2025

The Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products –... Moderate Unreviewed

CVE-2025-3453 was published Apr 17, 2025

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite ... Moderate Unreviewed

CVE-2025-21582 was published Apr 15, 2025

SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions... Moderate Unreviewed

CVE-2025-31331 was published Apr 8, 2025

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have... Moderate Unreviewed

CVE-2024-55965 was published Mar 26, 2025

DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema. Moderate Unreviewed

CVE-2025-26853 was published Mar 20, 2025

An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc... Moderate Unreviewed

CVE-2024-9159 was published Mar 20, 2025

Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This... Moderate Unreviewed

CVE-2025-2201 was published Mar 17, 2025

Broken access control vulnerability in the Innovación y Cualificación local administration plugin... Moderate Unreviewed

CVE-2025-2202 was published Mar 17, 2025

An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17... Moderate Unreviewed

CVE-2025-0652 was published Mar 13, 2025

Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior... Moderate Unreviewed

CVE-2025-2045 was published Mar 6, 2025

Previous 1…3…42 Next

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,044 advisories