Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

337 advisories

Loading
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8401 was published Jul 31, 2025
OAuth2-Proxy's `--gitlab-group` GitLab Group Authorization config flag stopped working in v7.0.0 Moderate
CVE-2021-21411 was published for github.com/oauth2-proxy/oauth2-proxy/v7 (Go) Jul 30, 2025
bohrasd
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20182 was published May 18, 2023
A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-7938 was published Jul 21, 2025
Apache Superset Allows Ownership Takeover Moderate
CVE-2025-27696 was published for apache-superset (pip) May 13, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web... Moderate Unreviewed
CVE-2025-50073 was published Jul 15, 2025
Directus' insufficient permission checks can enable unauthenticated users to manually trigger Flows Moderate
CVE-2025-53889 was published for directus (npm) Jul 15, 2025
licitdev
Secure-upload is a data submission service that validates single-use tokens when accepting... Moderate Unreviewed
CVE-2025-53709 was published Jul 10, 2025
CRI-O: Maliciously structured checkpoint file can gain arbitrary node access Moderate
CVE-2024-8676 was published for github.com/cri-o/cri-o (Go) Nov 26, 2024
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2025-20264 was published Jun 26, 2025
When a link can be opened in an external application, Firefox for Android will, by default,... Moderate Unreviewed
CVE-2025-6431 was published Jun 26, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app... Moderate Unreviewed
CVE-2023-40430 was published Jan 11, 2024
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated... Moderate Unreviewed
CVE-2025-6329 was published Jun 20, 2025
OpenFGA Authorization Bypass Moderate
CVE-2025-48371 was published for github.com/openfga/openfga (Go) May 23, 2025
udyvish
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Moderate Unreviewed
CVE-2023-43609 was published Feb 9, 2024
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Moderate Unreviewed
CVE-2024-9531 was published Oct 24, 2024
Vulnerability CVE-2024-22021 allows a Veeam Recovery Orchestrator user with a low privileged role... Moderate Unreviewed
CVE-2024-22021 was published Feb 7, 2024
Grafana's datasource proxy API allows authorization checks to be bypassed Moderate
CVE-2025-3454 was published for github.com/grafana/grafana (Go) Jun 2, 2025
Moodle allows users to retrieve information they did not have permission to access Moderate
CVE-2024-45689 was published for moodle/moodle (Composer) Nov 20, 2024
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). ... Moderate Unreviewed
CVE-2024-20979 was published Jan 17, 2024
A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1... Moderate Unreviewed
CVE-2025-5182 was published May 26, 2025
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey... Moderate Unreviewed
CVE-2022-32838 was published Aug 25, 2022
XWiki Platform Security Authorization Bridge allows users with just edit right can enforce required rights with programming right Moderate
CVE-2025-48063 was published for org.xwiki.platform:xwiki-platform-security-authorization-bridge (Maven) May 21, 2025
Bytebase allows low-privilege users to view admin projects Moderate
CVE-2022-32170 was published for github.com/bytebase/bytebase (Go) Sep 29, 2022
A vulnerability, which was classified as problematic, has been found in SourceCodester Best... Moderate Unreviewed
CVE-2025-1607 was published Feb 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database