Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,040 advisories

Loading
A vulnerability classified as critical has been found in Realce Tecnologia Queue Ticket Kiosk up... Moderate Unreviewed
CVE-2025-5178 was published May 26, 2025
A vulnerability, which was classified as critical, has been found in llisoft MTA Maita Training... Moderate Unreviewed
CVE-2025-5171 was published May 26, 2025
A vulnerability, which was classified as critical, has been found in H3C SecCenter SMP-E1114P02... Moderate Unreviewed
CVE-2025-5162 was published May 26, 2025
A vulnerability was found in Tmall Demo up to 20250505. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-5130 was published May 24, 2025
A vulnerability was found in Tmall Demo up to 20250505. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5131 was published May 24, 2025
In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non... High Unreviewed
CVE-2025-24917 was published May 23, 2025
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable... High Unreviewed
CVE-2025-24916 was published May 23, 2025
An access control vulnerability was discovered in Grafana OSS where an Organization administrator... Moderate Unreviewed
CVE-2025-3580 was published May 23, 2025
A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2025-5108 was published May 23, 2025
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0.... Moderate Unreviewed
CVE-2025-5059 was published May 22, 2025
A vulnerability in the Cloud Connect component of Cisco Unified Contact Center Enterprise (CCE)... Moderate Unreviewed
CVE-2025-20242 was published May 21, 2025
The femanager TYPO3 extension allows Insecure Direct Object Reference Moderate
CVE-2025-48202 was published for in2code/femanager (Composer) May 21, 2025
This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12... High Unreviewed
CVE-2025-22157 was published May 20, 2025
EnGenius ENH500 AP 2T2R V3.0 FW3.7.22 is vulnerable to Incorrect Access Control via the password... Moderate Unreviewed
CVE-2025-28371 was published May 19, 2025
A vulnerability was found in PHPGurukul Car Rental Project 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-4926 was published May 19, 2025
A vulnerability, which was classified as critical, has been found in SourceCodester Client... Moderate Unreviewed
CVE-2025-4923 was published May 19, 2025
A misconfigured access token mechanism in the Unifi Protect Application (Version 5.3.41 and... Moderate Unreviewed
CVE-2025-23164 was published May 19, 2025
An Improper Access Control vulnerability was identified in the file download functionality. This... Moderate Unreviewed
CVE-2025-2306 was published May 16, 2025
A vulnerability classified as critical has been found in feng_ha_ha/megagao ssm-erp and... Moderate Unreviewed
CVE-2025-4768 was published May 16, 2025
A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as... Moderate Unreviewed
CVE-2025-4735 was published May 16, 2025
Microsoft Defender for Endpoint Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-47161 was published May 15, 2025
Reflex vulnerable to private state fields modification High
CVE-2025-47425 was published for reflex (pip) May 15, 2025
adhami3310 masenf
Kastier1
Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens Critical
CVE-2025-47884 was published for io.jenkins.plugins:oidc-provider (Maven) May 14, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access... Critical Unreviewed
CVE-2025-43563 was published May 13, 2025
Improper access control for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may... Moderate Unreviewed
CVE-2025-22844 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database