Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,308
Maven
5,000+
npm
3,949
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,186 advisories

Loading
Apache Commons Improper Access Control vulnerability High
CVE-2025-48734 was published for commons-beanutils:commons-beanutils (Maven) May 28, 2025
When installing Tenable Network Monitor to a non-default location on a Windows host, Tenable... High Unreviewed
CVE-2025-24916 was published May 23, 2025
In Tenable Network Monitor versions prior to 6.5.1 on a Windows host, it was found that a non... High Unreviewed
CVE-2025-24917 was published May 23, 2025
This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12... High Unreviewed
CVE-2025-22157 was published May 20, 2025
Microsoft Defender for Endpoint Elevation of Privilege Vulnerability High Unreviewed
CVE-2025-47161 was published May 15, 2025
Reflex vulnerable to private state fields modification High
CVE-2025-47425 was published for reflex (pip) May 15, 2025
adhami3310 masenf
Kastier1
Improper access control in the memory controller configurations for some Intel(R) Xeon(R) 6... High Unreviewed
CVE-2025-20100 was published May 13, 2025
Improper access control in Azure File Sync allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-29973 was published May 13, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-31260 was published May 13, 2025
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2025-31247 was published May 13, 2025
An integer overflow was addressed with improved input validation. This issue is fixed in watchOS... High Unreviewed
CVE-2025-31221 was published May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6,... High Unreviewed
CVE-2025-31232 was published May 13, 2025
This issue was addressed through improved state management. This issue is fixed in watchOS 11.5,... High Unreviewed
CVE-2025-31212 was published May 13, 2025
Improper access control in Azure allows an unauthorized attacker to disclose information over a... High Unreviewed
CVE-2025-33072 was published May 9, 2025
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. High Unreviewed
CVE-2025-21470 was published May 6, 2025
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call. High Unreviewed
CVE-2025-21469 was published May 6, 2025
Memory corruption during memory mapping into protected VM address space due to incorrect API... High Unreviewed
CVE-2024-49842 was published May 6, 2025
Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45617 was published May 5, 2025
Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to... High Unreviewed
CVE-2025-45614 was published May 5, 2025
Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to... High Unreviewed
CVE-2025-45613 was published May 5, 2025
Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers... High Unreviewed
CVE-2025-45609 was published May 5, 2025
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows... High Unreviewed
CVE-2025-45608 was published May 5, 2025
Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows... High Unreviewed
CVE-2025-45610 was published May 5, 2025
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to... High Unreviewed
CVE-2025-45237 was published May 5, 2025
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between... High Unreviewed
CVE-2025-46635 was published May 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database