Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

36 advisories

Loading
An API endpoint that should be limited to web application administrators is hidden from, but... Moderate Unreviewed
CVE-2025-54766 was published Jul 29, 2025
An API endpoint that should be limited to web application administrators is hidden from, but... Moderate Unreviewed
CVE-2025-54765 was published Jul 29, 2025
An authenticated, read-only user can kill any processes running on the Xormon Original virtual... Moderate Unreviewed
CVE-2025-54767 was published Jul 29, 2025
An API endpoint that should be limited to web application administrators is hidden from, but... Moderate Unreviewed
CVE-2025-54768 was published Jul 29, 2025
Incorrect Use of Privileged APIs vulnerability in Beamsec PhishPro allows Privilege Abuse.This... High Unreviewed
CVE-2025-5997 was published Jul 28, 2025
The EAI developed by Digiwin has a Privilege Escalation vulnerability, allowing remote attackers... High Unreviewed
CVE-2025-7344 was published Jul 21, 2025
Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect Use of... High Unreviewed
CVE-2025-23375 was published Apr 28, 2025
Incorrect Use of Privileged APIs vulnerability in OpenText™ Operations Bridge Manager, OpenText™... High Unreviewed
CVE-2022-26323 was published Apr 17, 2025
In affected versions of Octopus Deploy where customers are using Active Directory for... Moderate Unreviewed
CVE-2025-0589 was published Feb 11, 2025
Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query... Moderate Unreviewed
CVE-2024-53007 was published Jan 31, 2025
In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could... Critical Unreviewed
CVE-2024-8785 was published Dec 2, 2024
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing... Critical Unreviewed
CVE-2024-11068 was published Nov 11, 2024
org.xwiki.platform:xwiki-platform-notifications-ui is missing checks for notification filter preferences editions High
CVE-2024-46978 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Sep 18, 2024
floerer
The OpenDaylight 0.15.3 controller allows topology poisoning via API requests because an... Critical Unreviewed
CVE-2024-37018 was published May 31, 2024
Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as... High Unreviewed
CVE-2023-6522 was published Apr 5, 2024
Improper Privilege Management vulnerability in Utarit Information Technologies SoliPay Mobile App... High Unreviewed
CVE-2023-4993 was published Feb 15, 2024
A vulnerability has been identified in Unicam FX (All versions). The windows installer agent used... High Unreviewed
CVE-2024-22042 was published Feb 13, 2024
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows... High Unreviewed
CVE-2023-6151 was published Nov 28, 2023
Improper Privilege Management vulnerability in ESKOM Computer e-municipality module allows... High Unreviewed
CVE-2023-6150 was published Nov 28, 2023
Improper Privilege Management vulnerability in Yepas Digital Yepas allows Collect Data as... High Unreviewed
CVE-2023-4972 was published Sep 14, 2023
In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an... High Unreviewed
CVE-2023-4009 was published Aug 8, 2023
A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20136 was published Jun 28, 2023
org.xwiki.platform:xwiki-platform-oldcore makes Incorrect Use of Privileged APIs with DocumentAuthors Critical
CVE-2023-29507 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Apr 12, 2023
tmortagne
Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A... High Unreviewed
CVE-2023-28062 was published Apr 11, 2023
A vulnerability in the web-based management interface of Cisco Identity Services Engine could... Moderate Unreviewed
CVE-2022-20965 was published Jan 20, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database