GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,948
Composer 4,873
Erlang 37
GitHub Actions 36
Go 2,519
Maven 5,959
npm 4,156
NuGet 736
pip 3,956
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 270,233

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,049 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This... Moderate Unreviewed

CVE-2025-2201 was published Mar 17, 2025

An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17... Moderate Unreviewed

CVE-2025-0652 was published Mar 13, 2025

Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior... Moderate Unreviewed

CVE-2025-2045 was published Mar 6, 2025

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality.... Moderate Unreviewed

CVE-2024-39352 was published Mar 4, 2025

In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0... Moderate Unreviewed

CVE-2025-27371 was published Mar 3, 2025

OpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations.... Moderate Unreviewed

CVE-2025-27370 was published Mar 3, 2025

IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an... Moderate Unreviewed

CVE-2024-45081 was published Feb 19, 2025

Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0. A highly trusted role (Config... Moderate Unreviewed

CVE-2024-39328 was published Feb 18, 2025

app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search. Moderate Unreviewed

CVE-2024-57969 was published Feb 14, 2025

Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8... Moderate Unreviewed

CVE-2025-0516 was published Feb 12, 2025

An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate... Moderate Unreviewed

CVE-2024-54916 was published Feb 12, 2025

Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... Moderate Unreviewed

CVE-2025-24419 was published Feb 11, 2025

Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... Moderate Unreviewed

CVE-2025-24420 was published Feb 11, 2025

The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain... Moderate Unreviewed

CVE-2025-24872 was published Feb 11, 2025

SAP NetWeaver Application Server Java allows an attacker to access an endpoint that can disclose... Moderate Unreviewed

CVE-2025-24869 was published Feb 11, 2025

An error when handling authorization related to the import / export interfaces on the RISC... Moderate Unreviewed

CVE-2021-41528 was published Feb 7, 2025

This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed

CVE-2024-23937 was published Jan 31, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.3, macOS... Moderate Unreviewed

CVE-2025-24099 was published Jan 30, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed

CVE-2025-0741 was published Jan 30, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed

CVE-2025-0743 was published Jan 30, 2025

An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed

CVE-2025-0742 was published Jan 30, 2025

A privilege escalation vulnerability exists in the web-based management interface of HPE Aruba... Moderate Unreviewed

CVE-2025-23053 was published Jan 28, 2025

A vulnerability in the web-based management interface of HPE Aruba Networking Fabric Composer... Moderate Unreviewed

CVE-2025-23054 was published Jan 28, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed

CVE-2025-24114 was published Jan 28, 2025

This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed

CVE-2024-54550 was published Jan 28, 2025

Previous 1…4…42 Next

Previous 1 2 3 4 5 6 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,049 advisories