GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,822
Erlang: 36
GitHub Actions: 32
Go: 2,413
Maven: 5,000+
npm: 4,052
NuGet: 723
pip: 3,844
Pub: 12
RubyGems: 933
Rust: 1,005
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
1,234 advisories
Apache Commons Improper Access Control vulnerability
High | CVE-2025-48734 was published for commons-beanutils:commons-beanutils (Maven) | May 28, 2025

Improper access control in user group management in Devolutions Server 2025.1.7.0 and earlier...
High | Unreviewed | CVE-2025-4433 was published | May 30, 2025

Memory corruption may occur while attaching VM when the HLOS retains access to VM.
High | Unreviewed | CVE-2024-53010 was published | Jun 3, 2025

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected...
High | Unreviewed | CVE-2025-43586 was published | Jun 10, 2025

Erxes Incorrect Access Control vulnerability
High | CVE-2024-57190 was published for erxes (npm) | Jun 10, 2025

Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an...
High | Unreviewed | CVE-2025-33056 was published | Jun 10, 2025

Improper access control in Windows Installer allows an authorized attacker to elevate privileges...
High | Unreviewed | CVE-2025-32714 was published | Jun 10, 2025

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a...
High | Unreviewed | CVE-2025-33073 was published | Jun 10, 2025

Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.
High | Unreviewed | CVE-2025-47962 was published | Jun 10, 2025

Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control...
High | Unreviewed | CVE-2025-27689 was published | Jun 12, 2025

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free...
High | Unreviewed | CVE-2025-49154 was published | Jun 17, 2025

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by...
High | Unreviewed | CVE-2025-31698 was published | Jun 19, 2025

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to...
High | Unreviewed | CVE-2023-47294 was published | Jun 23, 2025

Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability...
High | Unreviewed | CVE-2025-6443 was published | Jun 26, 2025

Janssen Config API returns results without scope verification
High | CVE-2025-53003 was published for io.jans:jans-config-api-server (Maven) | Jun 30, 2025

Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data.
High | Unreviewed | CVE-2025-45081 was published | Jul 1, 2025

Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension...
High | Unreviewed | CVE-2025-53501 was published | Jul 3, 2025

A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected...
High | Unreviewed | CVE-2025-23365 was published | Jul 8, 2025

Improper access control in Microsoft PC Manager allows an authorized attacker to elevate...
High | Unreviewed | CVE-2025-47993 was published | Jul 8, 2025

pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages
High | CVE-2025-7346 was published for pyload-ng (pip) | Jul 8, 2025

Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). ...
High | Unreviewed | CVE-2025-50060 was published | Jul 15, 2025

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2025-50059 was published | Jul 15, 2025

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component:...
High | Unreviewed | CVE-2025-50105 was published | Jul 15, 2025

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High | Unreviewed | CVE-2025-53028 was published | Jul 15, 2025

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139...
High | Unreviewed | CVE-2025-46118 was published | Jul 21, 2025
ProTip! Advisories are also available from the GraphQL API.