Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,188 advisories

Loading
Improper access control in Azure allows an unauthorized attacker to disclose information over a... High Unreviewed
CVE-2025-33072 was published May 9, 2025
Jenkins Compuware Topaz for Total Test Plugin vulnerable to Protection Mechanism Failure High
CVE-2022-43429 was published for com.compuware.jenkins:compuware-topaz-for-total-test (Maven) Oct 19, 2022
OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request the user can obtain... High Unreviewed
CVE-2022-40798 was published Oct 19, 2022
Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI... High Unreviewed
CVE-2023-20587 was published Feb 13, 2024
Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers... High Unreviewed
CVE-2025-45609 was published May 5, 2025
Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to... High Unreviewed
CVE-2025-45613 was published May 5, 2025
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45608 was published May 5, 2025
Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows... High Unreviewed
CVE-2025-45610 was published May 5, 2025
.NET Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-21173 was published Jan 14, 2025
Memory corruption during memory mapping into protected VM address space due to incorrect API... High Unreviewed
CVE-2024-49842 was published May 6, 2025
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to... High Unreviewed
CVE-2025-45237 was published May 5, 2025
Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to... High Unreviewed
CVE-2025-45614 was published May 5, 2025
Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45617 was published May 5, 2025
x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC... High Unreviewed
CVE-2022-42327 was published Nov 1, 2022
In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22... High Unreviewed
CVE-2022-42707 was published Nov 6, 2022
Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03... High Unreviewed
CVE-2025-46628 was published May 2, 2025
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between... High Unreviewed
CVE-2025-46635 was published May 2, 2025
A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v... High Unreviewed
CVE-2025-46619 was published Apr 30, 2025
An attacker with local access to the system can make unauthorized modifications of the security... High Unreviewed
CVE-2021-26360 was published Jul 6, 2023
Insufficient access controls in the AMD Link Android app may potentially result in information... High Unreviewed
CVE-2022-27673 was published Nov 10, 2022
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary... High Unreviewed
CVE-2022-45475 was published Nov 25, 2022
A remote unauthenticated attacker may be able to change the IP adress of the device, and... High Unreviewed
CVE-2025-32470 was published Apr 28, 2025
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4... High Unreviewed
CVE-2022-44037 was published Nov 29, 2022
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change... High Unreviewed
CVE-2022-44211 was published Dec 2, 2022
An access control issue in Tenda A18 v15.13.07.09 allows unauthenticated attackers to access the... High Unreviewed
CVE-2022-44932 was published Dec 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database