Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,149
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

50 advisories

Loading
HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed
CVE-2025-31961 was published Aug 15, 2025
An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1... Low Unreviewed
CVE-2025-2498 was published Aug 13, 2025
Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable... High Unreviewed
CVE-2025-22839 was published Aug 12, 2025
A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The... Critical Unreviewed
CVE-2025-4404 was published Jun 17, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1... Moderate Unreviewed
CVE-2025-7001 was published Jul 25, 2025
A vulnerability has been identified in the Now Platform that could result in data being inferred... High Unreviewed
CVE-2025-3648 was published Jul 8, 2025
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3... Moderate Unreviewed
CVE-2025-27026 was published Jul 2, 2025
Withdrawn Advisory: Lunary information disclosure vulnerability Moderate
CVE-2024-6867 was published for lunary (npm) Sep 13, 2024 withdrawn
hughcrt
An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11... Low Unreviewed
CVE-2025-5982 was published Jun 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-4979 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17... Moderate Unreviewed
CVE-2025-1278 was published May 9, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17... Moderate Unreviewed
CVE-2025-2408 was published Apr 10, 2025
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. High Unreviewed
CVE-2024-33058 was published Apr 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0... High Unreviewed
CVE-2025-29987 was published Apr 3, 2025
Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics High
CVE-2023-27591 was published for miniflux.app (Go) Apr 2, 2025
40826d fguillot
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9... Moderate Unreviewed
CVE-2024-12619 was published Mar 28, 2025
A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and... High Unreviewed
CVE-2025-20111 was published Feb 26, 2025
The product implements access controls via a policy or other feature with the intention to... Moderate Unreviewed
CVE-2024-6696 was published Feb 20, 2025
Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow... Moderate Unreviewed
CVE-2024-39279 was published Feb 13, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to... Moderate Unreviewed
CVE-2024-11931 was published Jan 24, 2025
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper... High Unreviewed
CVE-2024-53295 was published Feb 1, 2025
Improper authorization in zenml Moderate
CVE-2024-2035 was published for zenml (pip) Jun 6, 2024
Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows... Moderate Unreviewed
CVE-2024-13272 was published Jan 9, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful... High Unreviewed
CVE-2024-13256 was published Jan 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database