GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,109 advisories
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to...
High | Unreviewed | CVE-2025-43947 was published Apr 22, 2025
TYPO3-EXT-SA-2022-018: Multiple vulnerabilities in extension "Master-Quiz" (fp_masterquiz)
Moderate | CVE-2022-47407 was published for fixpunkt/fp-masterquiz (Composer) Dec 14, 2022
Vulnerabilities in the AirWave Management Platform web-based management interface exist which...
High | Unreviewed | CVE-2022-37916 was published Dec 8, 2022
Vulnerabilities in the AirWave Management Platform web-based management interface exist which...
High | Unreviewed | CVE-2022-37918 was published Dec 8, 2022
Vulnerabilities in the AirWave Management Platform web-based management interface exist which...
High | Unreviewed | CVE-2022-37917 was published Dec 8, 2022
An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the...
High | Unreviewed | CVE-2022-44932 was published Dec 8, 2022
A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product...
Moderate | Unreviewed | CVE-2025-3783 was published Apr 18, 2025
It is technically possible for a user to upload a file to a conversation despite the file upload...
Moderate | Unreviewed | CVE-2025-3518 was published Apr 22, 2025
In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.
Moderate | Unreviewed | CVE-2022-44212 was published Dec 2, 2022
Improper access control of endpoint in HCL Leap allows certain admin users to import applications...
Moderate | Unreviewed | CVE-2024-30148 was published Apr 24, 2025
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change...
High | Unreviewed | CVE-2022-44211 was published Dec 2, 2022
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4...
High | Unreviewed | CVE-2022-44037 was published Nov 29, 2022
A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an...
Moderate | Unreviewed | CVE-2025-4006 was published Apr 28, 2025
A remote unauthenticated attacker may be able to change the IP address of the device, and...
High | Unreviewed | CVE-2025-32470 was published Apr 28, 2025
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access...
Critical | Unreviewed | CVE-2022-39070 was published Nov 22, 2022
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary...
High | Unreviewed | CVE-2022-45475 was published Nov 25, 2022
Carel Boss Mini 1.5.0 has Improper Access Control.
Critical | Unreviewed | CVE-2022-34827 was published Nov 19, 2022
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of...
Moderate | Unreviewed | CVE-2024-20291 was published Feb 29, 2024
Vite allows server.fs.deny to be bypassed with .svg or relative paths
Moderate | CVE-2025-31486 was published for vite (npm) Apr 4, 2025
Missing permissions check in Liferay Portal
Moderate | CVE-2022-42126 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical....
Moderate | Unreviewed | CVE-2025-3830 was published Apr 20, 2025
A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated...
Moderate | Unreviewed | CVE-2025-3969 was published Apr 27, 2025
Improper access control of endpoint in HCL Domino Leap allows certain admin users to import...
Moderate | Unreviewed | CVE-2024-30146 was published May 1, 2025
OpenFGA Authorization Bypass
Moderate | CVE-2025-46331 was published for github.com/openfga/openfga (Go) Apr 30, 2025
Insufficient access controls in the AMD Link Android app may potentially result in information...
High | Unreviewed | CVE-2022-27673 was published Nov 10, 2022
ProTip! Advisories are also available from the GraphQL API.