Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,257 advisories

Loading
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed
CVE-2025-4101 was published May 17, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... High Unreviewed
CVE-2025-43565 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... Critical Unreviewed
CVE-2025-43561 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access... Critical Unreviewed
CVE-2025-43564 was published May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed
CVE-2025-31227 was published May 13, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS... Moderate Unreviewed
CVE-2025-30440 was published May 13, 2025
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-29827 was published May 9, 2025
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content... High Unreviewed
CVE-2025-26842 was published May 8, 2025
On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP,... High Unreviewed
CVE-2025-46265 was published May 8, 2025
On an F5OS system, if the root user had previously configured the system to allow login via SSH... Critical Unreviewed
CVE-2025-36546 was published May 8, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager.  The vulnerability... Moderate Unreviewed
CVE-2025-3272 was published May 7, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability... Critical Unreviewed
CVE-2025-3476 was published May 7, 2025
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all... Moderate Unreviewed
CVE-2025-3609 was published May 6, 2025
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged... High Unreviewed
CVE-2025-23244 was published May 1, 2025
Bookgy does not provide for proper authorisation control in multiple areas of the application.... Critical Unreviewed
CVE-2025-40619 was published Apr 29, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2025-24206 was published Apr 29, 2025
The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3861 was published Apr 25, 2025
In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new... Moderate Unreviewed
CVE-2025-46544 was published Apr 25, 2025
A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive... Moderate Unreviewed
CVE-2024-10306 was published Apr 23, 2025
The FileWave Windows client before 16.0.0, in some non-default configurations, allows an... High Unreviewed
CVE-2025-43922 was published Apr 21, 2025
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux... Moderate Unreviewed
CVE-2024-12862 was published Apr 21, 2025
In Soffid Console 3.5.38 before 3.5.39, necessary checks were not applied to some Java objects. A... High Unreviewed
CVE-2025-32408 was published Apr 21, 2025
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create... Moderate Unreviewed
CVE-2025-43921 was published Apr 20, 2025
In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate... High Unreviewed
CVE-2025-43917 was published Apr 19, 2025
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 could allow an authenticated... Moderate Unreviewed
CVE-2024-49808 was published Apr 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database