Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,109 advisories

Loading
The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the... Moderate Unreviewed
CVE-2022-43679 was published Nov 11, 2022
An attacker with local access to the system can make unauthorized modifications of the security... High Unreviewed
CVE-2021-26360 was published Jul 6, 2023
VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A... Critical Unreviewed
CVE-2022-31687 was published Nov 10, 2022
A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v... High Unreviewed
CVE-2025-46619 was published Apr 30, 2025
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between... High Unreviewed
CVE-2025-46635 was published May 2, 2025
Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03... High Unreviewed
CVE-2025-46628 was published May 2, 2025
Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46629 was published May 2, 2025
In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22... High Unreviewed
CVE-2022-42707 was published Nov 6, 2022
A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2... Moderate Unreviewed
CVE-2025-4258 was published May 5, 2025
A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-4259 was published May 5, 2025
"IBM InfoSphere Information Server 11.7 could allow an authenticated user to access information... Moderate Unreviewed
CVE-2022-22442 was published Nov 4, 2022
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC... High Unreviewed
CVE-2022-42327 was published Nov 1, 2022
A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is... Moderate Unreviewed
CVE-2025-4291 was published May 6, 2025
A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This... Moderate Unreviewed
CVE-2025-4305 was published May 6, 2025
Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to... High Unreviewed
CVE-2025-45614 was published May 5, 2025
Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45617 was published May 5, 2025
Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis... Moderate Unreviewed
CVE-2025-45618 was published May 5, 2025
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to... High Unreviewed
CVE-2025-45237 was published May 5, 2025
Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain... Critical Unreviewed
CVE-2025-45615 was published May 5, 2025
A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm up to 0.0.1. It has... Moderate Unreviewed
CVE-2025-4333 was published May 6, 2025
Memory corruption during memory mapping into protected VM address space due to incorrect API... High Unreviewed
CVE-2024-49842 was published May 6, 2025
.NET Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21173 was published Jan 14, 2025
Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to... Critical Unreviewed
CVE-2025-45611 was published May 5, 2025
Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows... High Unreviewed
CVE-2025-45610 was published May 5, 2025
Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted... Critical Unreviewed
CVE-2025-45612 was published May 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database