GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,233 advisories
NVIDIA Display Driver for Linux and Windows contains a vulnerability in the kernel mode driver,...
High | Unreviewed | CVE-2025-23277 was published Aug 3, 2025
An issue was discovered in CS Cart 4.18.3 allows the vendor login functionality lacks essential...
High | Unreviewed | CVE-2025-50850 was published Jul 31, 2025
ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control. Since version 6.3,...
High | Unreviewed | CVE-2025-29556 was published Jul 31, 2025
The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home Security Camera (version V1.00.02)...
High | Unreviewed | CVE-2025-50777 was published Jul 30, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2025-43270 was published Jul 30, 2025
An access control issue in NanoMQ v0.21.10 allows attackers to bypass security restrictions and...
High | Unreviewed | CVE-2024-42655 was published Jul 29, 2025
Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows...
High | Unreviewed | CVE-2023-31100 was published Nov 15, 2023
An issue in Gardyn 4 allows a remote attacker with the corresponding ssh private key can gain...
High | Unreviewed | CVE-2025-29630 was published Jul 25, 2025
Improper access control in secure message component in Devolutions Server allows an authenticated...
High | Unreviewed | CVE-2025-6741 was published Jul 22, 2025
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139...
High | Unreviewed | CVE-2025-46118 was published Jul 21, 2025
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker...
High | Unreviewed | CVE-2025-23083 was published Jan 22, 2025
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component:...
High | Unreviewed | CVE-2025-50105 was published Jul 15, 2025
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). ...
High | Unreviewed | CVE-2025-50060 was published Jul 15, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High | Unreviewed | CVE-2025-50059 was published Jul 15, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High | Unreviewed | CVE-2025-53028 was published Jul 15, 2025
An improper access control vulnerability (IDOR) exists in the delete attachments functionality of...
High | Unreviewed | CVE-2024-10366 was published Mar 20, 2025
GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site...
High | Unreviewed | CVE-2024-10956 was published Mar 20, 2025
Mattermost allows remote actor to create/update/delete posts in arbitrary channels
High | CVE-2024-41144 was published for github.com/mattermost/mattermost (Go) Aug 1, 2024
pyLoad is vulnerable to attacks that bypass localhost restrictions, enabling the creation of arbitrary packages
High | CVE-2025-7346 was published for pyload-ng (pip) Jul 8, 2025
Improper access control in Microsoft PC Manager allows an authorized attacker to elevate...
High | Unreviewed | CVE-2025-47993 was published Jul 8, 2025
A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected...
High | Unreviewed | CVE-2025-23365 was published Jul 8, 2025
The kernel driver, accessible to low-privileged users, exposes a function that fails to properly...
High | Unreviewed | CVE-2025-1865 was published Apr 4, 2025
Improper Access Control vulnerability in Wikimedia Foundation Mediawiki - Scribunto Extension...
High | Unreviewed | CVE-2025-53501 was published Jul 3, 2025
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication,...
High | Unreviewed | CVE-2012-6068 was published May 17, 2022
Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data.
High | Unreviewed | CVE-2025-45081 was published Jul 1, 2025
ProTip! Advisories are also available from the GraphQL API.