Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,494
Maven
5,000+
npm
4,129
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

125 advisories

Loading
Vite middleware may serve files starting with the same name with the public directory Low
CVE-2025-58751 was published for vite (npm) Sep 9, 2025
orihjfrog lukeed
Vite's `server.fs` settings were not applied to HTML files Low
CVE-2025-58752 was published for vite (npm) Sep 9, 2025
orihjfrog dominikg
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app... Low Unreviewed
CVE-2024-44271 was published Aug 29, 2025
Improper access control for some Edge Orchestrator software before version 24.11.1 for Intel(R)... Low Unreviewed
CVE-2025-24840 was published Aug 12, 2025
Withdrawn Advisory: JHipster allows privilege escalation via a modified authorities parameter Low
CVE-2025-43712 was published for generator-jhipster (npm) Jul 25, 2025 withdrawn
In Linksys EA6350 V2.1.2, the chroot_local_user option is enabled in the dynamically generated... Low Unreviewed
CVE-2025-44657 was published Jul 21, 2025
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ... Low Unreviewed
CVE-2025-50081 was published Jul 15, 2025
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper Access... Low Unreviewed
CVE-2025-49546 was published Jul 8, 2025
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may... Low Unreviewed
CVE-2025-20076 was published May 13, 2025
Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite ... Low Unreviewed
CVE-2025-30731 was published Apr 15, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable... Low Unreviewed
CVE-2025-30700 was published Apr 15, 2025
An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS... Low Unreviewed
CVE-2023-42969 was published Apr 11, 2025
A vulnerability was found in Projeqtor up to 12.0.2. It has been rated as critical. Affected by... Low Unreviewed
CVE-2025-3169 was published Apr 3, 2025
A user authorized to access a view may be able to alter the intended collation, allowing them to... Low Unreviewed
CVE-2025-3082 was published Apr 1, 2025
This issue was addressed with improved authentication. This issue is fixed in iOS 18.4 and iPadOS... Low Unreviewed
CVE-2025-24193 was published Apr 1, 2025
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation allowing the... Low Unreviewed
CVE-2025-25618 was published Mar 17, 2025
A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical.... Low Unreviewed
CVE-2025-1882 was published Mar 3, 2025
Magento Improper Access Control vulnerability Low
CVE-2025-24429 was published for magento/community-edition (Composer) Feb 11, 2025
Windows NTFS Elevation of Privilege Vulnerability Low Unreviewed
CVE-2025-21337 was published Feb 11, 2025
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an... Low Unreviewed
CVE-2024-35122 was published Jan 24, 2025
Umbraco CMS Improper Access Control Vulnerability Allows Low-Privilege Users to Access Webhook API Low
CVE-2024-48925 was published for Umbraco.CMS (NuGet) Oct 22, 2024
thanhlam-attt
Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). ... Low Unreviewed
CVE-2024-21247 was published Oct 15, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Low Unreviewed
CVE-2023-27303 was published Oct 10, 2024
Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version... Low Unreviewed
CVE-2023-26596 was published Oct 10, 2024
Magento Open Source Improper Access Control vulnerability Low
CVE-2024-45149 was published for magento/community-edition (Composer) Oct 10, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database