Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,942
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

268 advisories

Loading
IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004... Critical Unreviewed
CVE-2025-36157 was published Aug 24, 2025
An incorrect authorisation check in the the 'plant transfer' function of the Growatt cloud... Critical Unreviewed
CVE-2025-29757 was published Jul 19, 2025
Cryptographic issue occurs due to use of insecure connection method while downloading. Critical Unreviewed
CVE-2025-21450 was published Jul 8, 2025
The agent in Quest KACE Systems Management Appliance (SMA) before 14.0.97 and 14.1.x before 14.1... Critical Unreviewed
CVE-2025-26850 was published Jul 5, 2025
The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt through the zulucrypt_6.2.0-1 package has... Critical Unreviewed
CVE-2025-53391 was published Jun 29, 2025
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission... Critical Unreviewed
CVE-2025-20674 was published Jun 2, 2025
An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote... Critical Unreviewed
CVE-2025-48757 was published May 30, 2025
An incorrect authorization vulnerability exists in multiple WSO2 products due to a business logic... Critical Unreviewed
CVE-2024-6914 was published May 22, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... Critical Unreviewed
CVE-2025-43561 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access... Critical Unreviewed
CVE-2025-43564 was published May 13, 2025
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-29827 was published May 9, 2025
On an F5OS system, if the root user had previously configured the system to allow login via SSH... Critical Unreviewed
CVE-2025-36546 was published May 8, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability... Critical Unreviewed
CVE-2025-3476 was published May 7, 2025
Bookgy does not provide for proper authorisation control in multiple areas of the application.... Critical Unreviewed
CVE-2025-40619 was published Apr 29, 2025
Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension... Critical Unreviewed
CVE-2025-32068 was published Apr 11, 2025
Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of... Critical Unreviewed
CVE-2024-38392 was published Apr 2, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24233 was published Apr 1, 2025
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an... Critical Unreviewed
CVE-2025-1542 was published Mar 26, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27645 was published Mar 5, 2025
SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on... Critical Unreviewed
CVE-2024-47857 was published Jan 31, 2025
macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys... Critical Unreviewed
CVE-2024-57432 was published Jan 31, 2025
The issue was addressed by removing the relevant flags. This issue is fixed in watchOS 11.2, iOS... Critical Unreviewed
CVE-2024-54512 was published Jan 28, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2, watchOS... Critical Unreviewed
CVE-2024-54530 was published Jan 28, 2025
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component: Agile... Critical Unreviewed
CVE-2025-21556 was published Jan 21, 2025
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application... Critical Unreviewed
CVE-2024-57032 was published Jan 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database