Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,188 advisories

Loading
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4,... High Unreviewed
CVE-2025-24173 was published Apr 1, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... High Unreviewed
CVE-2024-54533 was published Apr 1, 2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions... High Unreviewed
CVE-2025-20229 was published Mar 27, 2025
PipeCD Vulnerable to Privilege Escalation High
CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025
LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control which allows attackers to... High Unreviewed
CVE-2024-53348 was published Mar 21, 2025
In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where... High Unreviewed
CVE-2024-9098 was published Mar 20, 2025
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy,... High Unreviewed
CVE-2024-8613 was published Mar 20, 2025
Due to a lack of access control, unauthorized users are able to view and modify information... High Unreviewed
CVE-2024-2292 was published Mar 20, 2025
In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a... High Unreviewed
CVE-2024-11300 was published Mar 20, 2025
An Insecure Direct Object Reference (IDOR) vulnerability exists in the `PATCH /v1/runs/:id/score`... High Unreviewed
CVE-2024-11137 was published Mar 20, 2025
GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site... High Unreviewed
CVE-2024-10956 was published Mar 20, 2025
An improper access control vulnerability (IDOR) exists in the delete attachments functionality of... High Unreviewed
CVE-2024-10366 was published Mar 20, 2025
In version 1.5.5 of lunary-ai/lunary, a vulnerability exists where admins, who do not have direct... High Unreviewed
CVE-2024-10275 was published Mar 20, 2025
lunary-ai/lunary is vulnerable to broken access control in the latest version. An attacker can... High Unreviewed
CVE-2024-10272 was published Mar 20, 2025
An issue was discovered on G-Net Dashcam BB GONX devices. One can Remotely Dump Video Footage and... High Unreviewed
CVE-2025-30141 was published Mar 18, 2025
An issue was discovered on G-Net Dashcam BB GONX devices. A Public Domain name is Used for the... High Unreviewed
CVE-2025-30140 was published Mar 18, 2025
Incorrect access control in the component /config/WebSecurityConfig.java of yimioa before v2024... High Unreviewed
CVE-2025-25585 was published Mar 18, 2025
TastyIgniter Has an Incorrect Access Control Vulnerability via `invoice()` Function High
CVE-2024-44313 was published for tastyigniter/tastyigniter (Composer) Mar 18, 2025
Incorrect access control in the scheduled tasks console of Inova Logic CUSTOMER MONITOR (CM) v3.1... High Unreviewed
CVE-2025-25598 was published Mar 13, 2025
Improper access control in web extension restriction feature in Devolutions Server 2024.3.13 and... High Unreviewed
CVE-2025-2280 was published Mar 13, 2025
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A... High Unreviewed
CVE-2025-23242 was published Mar 11, 2025
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24994 was published Mar 11, 2025
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24076 was published Mar 11, 2025
** UNSUPPORTED WHEN ASSIGNED **  A privilege escalation vulnerability in CxUIUSvc64.exe and... High Unreviewed
CVE-2024-9157 was published Mar 11, 2025
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows... High Unreviewed
CVE-2025-25614 was published Mar 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database