Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,302 advisories

Loading
A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0.... Moderate Unreviewed
CVE-2025-6702 was published Jun 26, 2025
Under certain conditions, an authenticated user request may execute with stale privileges... Moderate Unreviewed
CVE-2025-6707 was published Jun 26, 2025
An incorrect authorization vulnerability exists in multiple WSO2 products that allows... Moderate Unreviewed
CVE-2024-3511 was published Jun 23, 2025
Yealink YMCS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts,... Moderate Unreviewed
CVE-2025-52918 was published Jun 22, 2025
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of... High Unreviewed
CVE-2025-5071 was published Jun 19, 2025
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3880 was published Jun 17, 2025
The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due... Moderate Unreviewed
CVE-2025-6003 was published Jun 12, 2025
The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing ... Moderate Unreviewed
CVE-2024-8270 was published Jun 11, 2025
The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of... High Unreviewed
CVE-2024-7457 was published Jun 11, 2025
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization... Moderate Unreviewed
CVE-2025-36578 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... High Unreviewed
CVE-2025-40567 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed
CVE-2025-40568 was published Jun 10, 2025
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker,... High Unreviewed
CVE-2025-40668 was published Jun 9, 2025
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an... High Unreviewed
CVE-2025-40670 was published Jun 9, 2025
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an... High Unreviewed
CVE-2025-40669 was published Jun 9, 2025
Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and... Moderate Unreviewed
CVE-2025-49599 was published Jun 6, 2025
Memory corruption due to unauthorized command execution in GPU micronode while executing specific... High Unreviewed
CVE-2025-21479 was published Jun 3, 2025
Memory corruption due to unauthorized command execution in GPU micronode while executing specific... High Unreviewed
CVE-2025-21480 was published Jun 3, 2025
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission... Critical Unreviewed
CVE-2025-20674 was published Jun 2, 2025
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed
CVE-2024-7097 was published May 30, 2025
An insufficient database Row-Level Security policy in Lovable through 2025-04-15 allows remote... Critical Unreviewed
CVE-2025-48757 was published May 30, 2025
An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0... High Unreviewed
CVE-2025-25251 was published May 28, 2025
IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due... Moderate Unreviewed
CVE-2025-25026 was published May 28, 2025
When a notification relating to low battery appears for a user with whom the device has been... Moderate Unreviewed
CVE-2025-4975 was published May 23, 2025
An incorrect authorization vulnerability exists in multiple WSO2 products due to a business logic... Critical Unreviewed
CVE-2024-6914 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database