Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,300 advisories

Loading
IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive... Moderate Unreviewed
CVE-2022-38388 was published Oct 11, 2022
OpenCanary Executes Commands From Potentially Writable Config File Moderate
CVE-2024-48911 was published for OpenCanary (pip) Oct 14, 2024
rootkiTED DavidBakerEffendi
AndreiDreyer
Mattermost Fails to Validate Team Invite Permissions Moderate
CVE-2025-3446 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
Mattermost Fails to Verify User's Permissions When Accessing Groups Moderate
CVE-2025-2527 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed
CVE-2025-4101 was published May 17, 2025
In Proget MDM, a low-privileged user can access information about changes contained in backups of... Moderate Unreviewed
CVE-2025-1417 was published May 21, 2025
A low-privileged user can access information about profiles created in Proget MDM (Mobile Device... Moderate Unreviewed
CVE-2025-1418 was published May 21, 2025
Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has... Moderate Unreviewed
CVE-2022-40816 was published Sep 28, 2022
A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure... Moderate Unreviewed
CVE-2025-20257 was published May 21, 2025
Inappropriate implementation in iframe Sandbox in Google Chrome prior to 105.0.5195.52 allowed a... Moderate Unreviewed
CVE-2022-3057 was published Sep 27, 2022
Inappropriate implementation in Chrome OS lockscreen in Google Chrome on Chrome OS prior to 105.0... Moderate Unreviewed
CVE-2022-3048 was published Sep 27, 2022
Insufficient policy enforcement in Content Security Policy in Google Chrome prior to 105.0.5195... Moderate Unreviewed
CVE-2022-3056 was published Sep 27, 2022
A low-privileged user is able to obtain information about tasks executed on devices controlled by... Moderate Unreviewed
CVE-2025-1415 was published May 21, 2025
Inappropriate implementation in Extensions API in Google Chrome prior to 104.0.5112.101 allowed... Moderate Unreviewed
CVE-2022-2861 was published Sep 27, 2022
Insufficient policy enforcement in Extensions API in Google Chrome prior to 105.0.5195.52 allowed... Moderate Unreviewed
CVE-2022-3047 was published Sep 27, 2022
Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a... Moderate Unreviewed
CVE-2022-3044 was published Sep 27, 2022
Tokens stored in plain text by PaaSLane Estimate Plugin Moderate
CVE-2023-50777 was published for com.cloudtp.jenkins:paaslane-estimate (Maven) Dec 13, 2023
IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due... Moderate Unreviewed
CVE-2025-25026 was published May 28, 2025
MantisBT unauthorized users able to access private files Moderate
CVE-2020-25781 was published for mantisbt/mantisbt (Composer) May 24, 2022
Mattermost improperly allows team administrators to modify team invites Moderate
CVE-2025-3913 was published for github.com/mattermost/mattermost/server/v8 (Go) May 29, 2025
MantisBT Incorrect Authorization in bug_actiongroup_page.php Moderate
CVE-2020-29605 was published for mantisbt/mantisbt (Composer) May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28401 was published May 24, 2022
An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify... Moderate Unreviewed
CVE-2023-26097 was published Apr 24, 2023
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed
CVE-2024-7097 was published May 30, 2025
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper... Moderate Unreviewed
CVE-2018-10212 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database