GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,822
Erlang: 36
GitHub Actions: 32
Go: 2,413
Maven: 5,000+
npm: 4,052
NuGet: 723
pip: 3,844
Pub: 12
RubyGems: 933
Rust: 1,005
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
375 advisories

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated...
Critical | Unreviewed | CVE-2022-31704 was published Jan 26, 2023

Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to...
Critical | Unreviewed | CVE-2025-22940 was published Mar 31, 2025

A library injection issue was addressed with additional restrictions. This issue is fixed in...
Critical | Unreviewed | CVE-2025-30462 was published Apr 1, 2025

An issue was discovered in Couchbase Server before 7.2.4. cURL calls to /diag/eval are not...
Critical | Unreviewed | CVE-2023-49930 was published Feb 29, 2024

Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin...
Critical | Unreviewed | CVE-2025-26010 was published Mar 26, 2025

COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1...
Critical | Unreviewed | CVE-2022-47699 was published Jan 31, 2023

OpenDaylight SFC Allows Unauthorized Privileged Execution via Crafted Request
Critical | CVE-2025-29315 was published for org.opendaylight.sfc:sfc-parent (Maven) Mar 24, 2025

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite (component: Admin Screens...
Critical | Unreviewed | CVE-2024-21071 was published Apr 17, 2024

An issue was discovered on IROAD Dashcam V devices. It uses an unregistered public domain name as...
Critical | Unreviewed | CVE-2025-30132 was published Mar 18, 2025

lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST ...
Critical | Unreviewed | CVE-2024-8999 was published Mar 20, 2025

In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to...
Critical | Unreviewed | CVE-2022-46892 was published Feb 15, 2023

WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application...
Critical | Unreviewed | CVE-2024-57032 was published Jan 17, 2025

Dynamsoft Service 1.8.1025 through 1.8.2013, 1.7.0330 through 1.7.2531, 1.6.0428 through 1.6.1112...
Critical | Unreviewed | CVE-2024-22074 was published Jun 6, 2024

An access control issue in Axcora POS #0~gitf77ec09 allows unauthenticated attackers to execute...
Critical | Unreviewed | CVE-2023-24320 was published Feb 22, 2023

An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS...
Critical | Unreviewed | CVE-2023-47539 was published Mar 18, 2025

Incorrect Access Control vulnerability in Atos Eviden IDRA before 2.6.1 could allow the...
Critical | Unreviewed | CVE-2024-39327 was published Feb 18, 2025

Insecure permissions in external-secrets v0.9.16 allows attackers to access sensitive data and...
Critical | Unreviewed | CVE-2024-36540 was published Jul 24, 2024

A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager...
Critical | Unreviewed | CVE-2024-41912 was published Aug 7, 2024

Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access...
Critical | Unreviewed | CVE-2024-53573 was published Feb 27, 2025

On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run...
Critical | Unreviewed | CVE-2025-1260 was published Mar 4, 2025

Under certain circumstances, a user opt-in setting that Focus should require authentication...
Critical | Unreviewed | CVE-2025-1941 was published Mar 4, 2025

Infoblox NIOS through 8.6.4 has Improper Access Control for Grids.
Critical | Unreviewed | CVE-2024-37567 was published Feb 28, 2025

Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.
Critical | Unreviewed | CVE-2024-37566 was published Feb 28, 2025

Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2
Critical | Unreviewed | CVE-2023-24468 was published Mar 16, 2023

Block BYPASS vulnerability in iQ Block Country plugin <= 1.2.18 on WordPress.
Critical | Unreviewed | CVE-2022-41155 was published Nov 19, 2022

ProTip! Advisories are also available from the GraphQL API