Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,822
Erlang
36
GitHub Actions
32
Go
2,413
Maven
5,000+
npm
4,052
NuGet
723
pip
3,844
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

183 advisories

Loading
The Application is vulnerable to an Unauthenticated Arbitrary File Read. This affects the Agent... High Unreviewed
CVE-2024-26291 was published Jul 14, 2025
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute... High Unreviewed
CVE-2025-49701 was published Jul 8, 2025
An unauthorized user may leverage a specially crafted aggregation pipeline to access data without... High Unreviewed
CVE-2025-6713 was published Jul 7, 2025
Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization... High Unreviewed
CVE-2025-46840 was published Jun 11, 2025
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected... High Unreviewed
CVE-2025-43585 was published Jun 10, 2025
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a... High Unreviewed
CVE-2024-43706 was published Jun 10, 2025
The Offsprout Page Builder plugin for WordPress is vulnerable to Privilege Escalation due to... High Unreviewed
CVE-2025-4672 was published May 31, 2025
The WP-GeoMeta plugin for WordPress is vulnerable to Privilege Escalation due to a missing... High Unreviewed
CVE-2025-4103 was published May 31, 2025
A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4... High Unreviewed
CVE-2022-26773 was published May 27, 2022
A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.5. An... High Unreviewed
CVE-2025-31249 was published May 13, 2025
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a... High Unreviewed
CVE-2025-4474 was published May 13, 2025
The Frontend Dashboard plugin for WordPress is vulnerable to Privilege Escalation due to a... High Unreviewed
CVE-2025-4473 was published May 13, 2025
A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow... High Unreviewed
CVE-2022-36453 was published Oct 25, 2022
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized... High Unreviewed
CVE-2025-3921 was published May 7, 2025
Improper authorization in Azure Bot Framework SDK allows an unauthorized attacker to elevate... High Unreviewed
CVE-2025-30389 was published Apr 30, 2025
NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module. High Unreviewed
CVE-2025-32982 was published Apr 25, 2025
An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension... High Unreviewed
CVE-2022-47409 was published Dec 14, 2022
Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization High Unreviewed
CVE-2017-1002151 was published May 13, 2022
It was found that some selectivity estimation functions in PostgreSQL before 9.2.21, 9.3.x before... High Unreviewed
CVE-2017-7484 was published May 14, 2022
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions... High Unreviewed
CVE-2017-2689 was published May 13, 2022
The application management module has a vulnerability in permission verification. Successful... High Unreviewed
CVE-2022-46312 was published Dec 20, 2022
cgi-bin/cgi_system in NUUO NVRmini 2 1.7.5 through 2.x, NUUO NVRsolo 1.7.5 through 2.x, and... High Unreviewed
CVE-2016-5676 was published May 17, 2022
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS... High Unreviewed
CVE-2016-5420 was published May 14, 2022
The ChromeClientImpl::createWindow method in WebKit/Source/web/ChromeClientImpl.cpp in Blink, as... High Unreviewed
CVE-2016-1710 was published May 17, 2022
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute... High Unreviewed
CVE-2025-29794 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database