GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,188 advisories
Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify...
High | Unreviewed | CVE-2025-25616 was published Mar 10, 2025

Incorrect access control in the KSRTC AWATAR app of Karnataka State Road Transport Corporation v1...
High | Unreviewed | CVE-2025-25381 was published Mar 6, 2025

On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run...
High | Unreviewed | CVE-2025-1259 was published Mar 4, 2025

There is an improper access control issue in ArcGIS Server versions 10.9.1 through 11.3 on...
High | Unreviewed | CVE-2024-51954 was published Mar 3, 2025

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt...
High | Unreviewed | CVE-2025-25950 was published Mar 3, 2025

In XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which...
High | Unreviewed | CVE-2024-38291 was published Feb 28, 2025

Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
High | CVE-2025-23389 was published for github.com/rancher/rancher (Go) Feb 27, 2025

Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows...
High | Unreviewed | CVE-2024-36259 was published Feb 25, 2025

Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0...
High | Unreviewed | CVE-2024-12368 was published Feb 25, 2025

Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547,...
High | Unreviewed | CVE-2023-27517 was published Feb 20, 2025

Improper access control in some Intel(R) Optane(TM) PMem 100 Series Management Software before...
High | Unreviewed | CVE-2023-22311 was published Feb 20, 2025

An improper access control vulnerability in Power Pages allows an unauthorized attacker to...
High | Unreviewed | CVE-2025-24989 was published Feb 20, 2025

Sage DPW before 2024_12_001 is vulnerable to Incorrect Access Control. The implemented role-based...
High | Unreviewed | CVE-2024-56883 was published Feb 18, 2025

Wazuh SIEM version 4.8.2 is affected by a broken access control vulnerability. This issue allows...
High | Unreviewed | CVE-2024-57378 was published Feb 14, 2025

Improper access control in some Intel(R) Graphics software may allow an authenticated user to...
High | Unreviewed | CVE-2024-37355 was published Feb 13, 2025

Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2025-24042 was published Feb 11, 2025

Magento Improper Access Control vulnerability
High | CVE-2025-24411 was published for magento/community-edition (Composer) Feb 11, 2025

Windows Kernel Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2025-21359 was published Feb 11, 2025

Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. Unauthorized password...
High | Unreviewed | CVE-2024-46430 was published Feb 10, 2025

Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. An attacker can send a...
High | Unreviewed | CVE-2024-46432 was published Feb 10, 2025

An improper access control vulnerability may allow privilege escalation. This issue affects: *...
High | Unreviewed | CVE-2022-26389 was published Feb 7, 2025

Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management...
High | Unreviewed | CVE-2024-56889 was published Feb 7, 2025

Incorrect access control in Geovision GV-ASWeb version 6.1.0.0 or less allows unauthorized...
High | Unreviewed | CVE-2024-56898 was published Feb 3, 2025

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control via the logout function....
High | Unreviewed | CVE-2024-57433 was published Feb 1, 2025

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2024-23920 was published Jan 31, 2025

ProTip! Advisories are also available from the GraphQL API.