Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,337 advisories

Loading
Yealink YMCS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts,... Moderate Unreviewed
CVE-2025-52918 was published Jun 22, 2025
Mattermost allows unauthorized channel member management through playbook runs Moderate
CVE-2025-3227 was published for github.com/mattermost/mattermost-server (Go) Jun 20, 2025
Mattermost allows an unauthorized Guest user access to Playbook Moderate
CVE-2025-3228 was published for github.com/mattermost/mattermost-server (Go) Jun 20, 2025
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3880 was published Jun 17, 2025
The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due... Moderate Unreviewed
CVE-2025-6003 was published Jun 12, 2025
The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing ... Moderate Unreviewed
CVE-2024-8270 was published Jun 11, 2025
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization... Moderate Unreviewed
CVE-2025-36578 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed
CVE-2025-40568 was published Jun 10, 2025
Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and... Moderate Unreviewed
CVE-2025-49599 was published Jun 6, 2025
Deno has --allow-read / --allow-write permission bypass in `node:sqlite` Moderate
CVE-2025-48935 was published for deno (Rust) Jun 4, 2025
littledivy 0f-0b
Credited to littledivy and 0f-0b
Deno run with --allow-read and --deny-read flags results in allowed Moderate
CVE-2025-48888 was published for deno (Rust) Jun 4, 2025
nayeemrmn
Credited to nayeemrmn
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed
CVE-2024-7097 was published May 30, 2025
WSO2 products vulnerable to privilege escalation due to business logic flaw in SOAP admin services Moderate
CVE-2024-7096 was published for org.wso2.am:am-parent (Maven) May 30, 2025
Mattermost improperly allows team administrators to modify team invites Moderate
CVE-2025-3913 was published for github.com/mattermost/mattermost/server/v8 (Go) May 29, 2025
IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due... Moderate Unreviewed
CVE-2025-25026 was published May 28, 2025
When a notification relating to low battery appears for a user with whom the device has been... Moderate Unreviewed
CVE-2025-4975 was published May 23, 2025
A low-privileged user is able to obtain information about tasks executed on devices controlled by... Moderate Unreviewed
CVE-2025-1415 was published May 21, 2025
A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure... Moderate Unreviewed
CVE-2025-20257 was published May 21, 2025
In Proget MDM, a low-privileged user can access information about changes contained in backups of... Moderate Unreviewed
CVE-2025-1417 was published May 21, 2025
A low-privileged user can access information about profiles created in Proget MDM (Mobile Device... Moderate Unreviewed
CVE-2025-1418 was published May 21, 2025
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed
CVE-2025-4101 was published May 17, 2025
Mattermost Fails to Verify User's Permissions When Accessing Groups Moderate
CVE-2025-2527 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
Mattermost Fails to Validate Team Invite Permissions Moderate
CVE-2025-3446 was published for github.com/mattermost/mattermost/server/v8 (Go) May 15, 2025
Apache Superset Allows Ownership Takeover Moderate
CVE-2025-27696 was published for apache-superset (pip) May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed
CVE-2025-31227 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database