GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,129 advisories
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a...
High | Unreviewed | CVE-2025-33073 was published Jun 10, 2025

Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows...
High | Unreviewed | CVE-2025-45584 was published Sep 12, 2025

The MongoDB Windows installation MSI may leave ACLs unset on custom installation directories...
High | Unreviewed | CVE-2025-10491 was published Sep 15, 2025

OpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw...
High | Unreviewed | CVE-2024-45432 was published Sep 12, 2025

Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0...
High | Unreviewed | CVE-2025-10201 was published Sep 10, 2025

An issue was discovered in litmusautomation litmus-mcp-server thru 0.0.1 allowing unauthorized...
High | Unreviewed | CVE-2025-56405 was published Sep 10, 2025

Improper access control in Windows MultiPoint Services allows an authorized attacker to elevate...
High | Unreviewed | CVE-2025-54116 was published Sep 9, 2025

Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to...
High | Unreviewed | CVE-2025-49692 was published Sep 9, 2025

Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges...
High | Unreviewed | CVE-2025-54098 was published Sep 9, 2025

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde...
High | Unreviewed | CVE-2014-9197 was published May 17, 2022

Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability
High | Unreviewed | CVE-2025-55238 was published Sep 5, 2025

The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities,...
High | Unreviewed | CVE-2025-54599 was published Sep 2, 2025

There is an Access Control Vulnerability in some HikCentral Professional versions. This could...
High | Unreviewed | CVE-2025-39247 was published Aug 29, 2025

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager,...
High | Unreviewed | CVE-2022-36923 was published Aug 11, 2022

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function.
High | Unreviewed | CVE-2025-29421 was published Aug 26, 2025

Incorrect access control in the preHandle function of SpringBootBlog v1.0.0 allows attackers to...
High | Unreviewed | CVE-2024-53494 was published Aug 22, 2025

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi...
High | Unreviewed | CVE-2025-55630 was published Aug 22, 2025

A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi...
High | Unreviewed | CVE-2023-45744 was published Apr 17, 2024

On N-central, it is possible for any authenticated user to read, write and modify syslog...
High | Unreviewed | CVE-2025-7051 was published Aug 21, 2025

Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to...
High | Unreviewed | CVE-2025-28041 was published Aug 20, 2025

An Improper Access Control could allow a malicious actor authenticated in the API of certain...
High | Unreviewed | CVE-2025-27215 was published Aug 21, 2025

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access...
High | Unreviewed | CVE-2024-57152 was published Aug 20, 2025

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to...
High | Unreviewed | CVE-2024-53495 was published Aug 20, 2025

Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows...
High | Unreviewed | CVE-2025-55368 was published Aug 21, 2025

Thermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.
High | Unreviewed | CVE-2025-32992 was published Aug 18, 2025

ProTip! Advisories are also available from the GraphQL API.