Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

316 advisories

Loading
This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30433 was published Apr 1, 2025
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24241 was published Apr 1, 2025
Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to... Critical Unreviewed
CVE-2025-22940 was published Mar 31, 2025
Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin... Critical Unreviewed
CVE-2025-26010 was published Mar 26, 2025
lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST ... Critical Unreviewed
CVE-2024-8999 was published Mar 20, 2025
A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui... Critical Unreviewed
CVE-2024-11045 was published Mar 20, 2025
An improper access control vulnerability in danny-avila/librechat versions prior to 0.7.6 allows... Critical Unreviewed
CVE-2024-11167 was published Mar 20, 2025
An issue was discovered on IROAD Dashcam V devices. It uses an unregistered public domain name as... Critical Unreviewed
CVE-2025-30132 was published Mar 18, 2025
An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS... Critical Unreviewed
CVE-2023-47539 was published Mar 18, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application 20.0.2140... Critical Unreviewed
CVE-2025-27649 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed
CVE-2025-27646 was published Mar 5, 2025
On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run... Critical Unreviewed
CVE-2025-1260 was published Mar 4, 2025
Under certain circumstances, a user opt-in setting that Focus should require authentication... Critical Unreviewed
CVE-2025-1941 was published Mar 4, 2025
Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt... Critical Unreviewed
CVE-2025-25948 was published Mar 3, 2025
Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. Critical Unreviewed
CVE-2024-37567 was published Feb 28, 2025
Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. Critical Unreviewed
CVE-2024-37566 was published Feb 28, 2025
Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access... Critical Unreviewed
CVE-2024-53573 was published Feb 27, 2025
Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access... Critical Unreviewed
CVE-2020-35546 was published Feb 19, 2025
Incorrect Access Control vulnerability in Atos Eviden IDRA before 2.6.1 could allow the... Critical Unreviewed
CVE-2024-39327 was published Feb 18, 2025
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote... Critical Unreviewed
CVE-2024-57249 was published Feb 7, 2025
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application... Critical Unreviewed
CVE-2024-57032 was published Jan 17, 2025
The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable... Critical Unreviewed
CVE-2024-10124 was published Dec 12, 2024
Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2023-51644 was published Nov 22, 2024
Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox... Critical Unreviewed
CVE-2023-29121 was published Nov 5, 2024
In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability... Critical Unreviewed
CVE-2024-7474 was published Oct 29, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database