Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,350 advisories

Loading
Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C... Critical Unreviewed
CVE-2025-29515 was published Aug 25, 2025
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload... Moderate Unreviewed
CVE-2025-9400 was published Aug 25, 2025
A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this... Moderate Unreviewed
CVE-2024-13145 was published Jan 6, 2025
A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the... Moderate Unreviewed
CVE-2024-13144 was published Jan 6, 2025
A vulnerability was found in donglight bookstore电商书城系统说明 1.0. It has been declared as critical.... Moderate Unreviewed
CVE-2024-13210 was published Jan 9, 2025
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a... Critical Unreviewed
CVE-2022-43110 was published Aug 22, 2025
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink Smart 2K+ Plug-in Wi-Fi Video... Moderate Unreviewed
CVE-2025-55626 was published Aug 22, 2025
UnoPim has Broken Access Control High
CVE-2025-55741 was published for unopim/unopim (Composer) Aug 22, 2025
0xcharb
A vulnerability has been found in wander-chu SpringBoot-Blog 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-13201 was published Jan 9, 2025
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to... Critical Unreviewed
CVE-2024-53496 was published Aug 22, 2025
A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi... High Unreviewed
CVE-2025-55630 was published Aug 22, 2025
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-53763 was published Aug 21, 2025
Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows... Moderate Unreviewed
CVE-2025-55371 was published Aug 21, 2025
Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows... Moderate Unreviewed
CVE-2025-55366 was published Aug 21, 2025
Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5... Moderate Unreviewed
CVE-2025-55367 was published Aug 21, 2025
A vulnerability, which was classified as critical, was found in taisan tarzan-cms 1.0.0. This... Moderate Unreviewed
CVE-2024-13022 was published Dec 29, 2024
An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi... Moderate Unreviewed
CVE-2023-43491 was published Apr 17, 2024
A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi... High Unreviewed
CVE-2023-45744 was published Apr 17, 2024
On N-central, it is possible for any authenticated user to read, write and modify syslog... High Unreviewed
CVE-2025-7051 was published Aug 21, 2025
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8... Critical Unreviewed
CVE-2024-45438 was published Aug 21, 2025
Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-57154 was published Aug 20, 2025
Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to... High Unreviewed
CVE-2025-28041 was published Aug 20, 2025
An Improper Access Control could allow a malicious actor authenticated in the API of certain... High Unreviewed
CVE-2025-27215 was published Aug 21, 2025
Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access... High Unreviewed
CVE-2024-57152 was published Aug 20, 2025
Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access... Critical Unreviewed
CVE-2024-57155 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database