GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,005 advisories
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High, Unreviewed. CVE-2024-23921 was published Jan 31, 2025.

The AMS module has a vulnerability of lacking permission verification in APIs. Successful...
High, Unreviewed. CVE-2022-48302 was published Feb 9, 2023.

The multi-screen collaboration module has a privilege escalation vulnerability. Successful...
High, Unreviewed. CVE-2022-48286 was published Feb 9, 2023.

Western Digital My Cloud devices before OS5 allow REST API access by low-privileged accounts, as...
High, Unreviewed. CVE-2021-36225 was published Feb 6, 2023.

An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior...
High, Unreviewed. CVE-2025-2242 was published Mar 27, 2025.

HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before...
High, Unreviewed. CVE-2025-30093 was published Mar 27, 2025.

In multiple locations, there is a possible notification listener grant to an app running in the...
High, Unreviewed. CVE-2024-0043 was published May 7, 2024.

Information disclosure issue in Active Resource
High. CVE-2020-8151 was published for activeresource (RubyGems) May 21, 2020.

This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2...
High, Unreviewed. CVE-2025-24221 was published Apr 1, 2025.

tendermint-rs's Light Client Verifier allows malicious validators to spoof votes from other validators
High. GHSA-6jrf-4jv4-r9mw was published for tendermint-light-client-verifier (Rust) Apr 9, 2025.

Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization...
High, Unreviewed. CVE-2025-26330 was published Apr 10, 2025.

Uniswap Universal Router Incorrect Authorization vulnerability
High. CVE-2022-48216 was published for @uniswap/universal-router (npm) Jan 4, 2023.

Apache Ranger allows users to bypass intended access restrictions via direct access to module URLs
High. CVE-2015-0266 was published for org.apache.ranger:ranger (Maven) May 17, 2022.

The Microchip RN4870 module firmware 1.43 (and the Microchip PIC LightBlue Explorer Demo 4.2...
High, Unreviewed. CVE-2022-46399 was published Dec 20, 2022.

D-Link DIR-869 DIR869Ax_FW102B15 is vulnerable to Authentication Bypass via phpcgi.
High, Unreviewed. CVE-2022-46076 was published Dec 20, 2022.

Rockwell Automation FactoryTalk Services Platform v6.11 and earlier, if FactoryTalk Security is...
High, Unreviewed. CVE-2021-32960 was published Apr 3, 2022.

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate...
High, Unreviewed. CVE-2025-43917 was published Apr 19, 2025.

VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound...
High, Unreviewed. CVE-2017-4915 was published May 13, 2022.

Foreman since version 1.5 is vulnerable to an incorrect authorization check due to which users...
High, Unreviewed. CVE-2017-7505 was published May 13, 2022.

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation...
High, Unreviewed. CVE-2017-0910 was published May 13, 2022.

An access issue existed with privileged API calls. This issue was addressed with additional...
High, Unreviewed. CVE-2022-42849 was published Dec 15, 2022.

The FileWave Windows client before 16.0.0, in some non-default configurations, allows an...
High, Unreviewed. CVE-2025-43922 was published Apr 21, 2025.

In Soffid Console 3.5.38 before 3.5.39, necessary checks were not applied to some Java objects. A...
High, Unreviewed. CVE-2025-32408 was published Apr 21, 2025.

Denial of service in Modem module due to improper authorization while error handling in...
High, Unreviewed. CVE-2022-25685 was published Dec 13, 2022.

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed...
High, Unreviewed. CVE-2022-23741 was published Dec 14, 2022.

ProTip! Advisories are also available from the GraphQL API.