Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,857 advisories

Loading
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed
CVE-2024-45519 was published Oct 3, 2024
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this... Critical Unreviewed
CVE-2020-2506 was published May 24, 2022
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability.... Critical Unreviewed
CVE-2023-22518 was published Oct 31, 2023
This improper access control vulnerability allows remote attackers to gain unauthorized access to... High Unreviewed
CVE-2019-7192 was published May 24, 2022
A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and... Critical Unreviewed
CVE-2023-38035 was published Aug 21, 2023
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5... High Unreviewed
CVE-2018-13382 was published May 24, 2022
Microsoft Publisher Security Features Bypass Vulnerability High Unreviewed
CVE-2023-21715 was published Feb 14, 2023
Windows SmartScreen Security Feature Bypass Vulnerability. Moderate Unreviewed
CVE-2022-44698 was published Dec 13, 2022
Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE... Moderate Unreviewed
CVE-2022-41091 was published Nov 10, 2022
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed
CVE-2022-26501 was published Mar 18, 2022
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests... High Unreviewed
CVE-2021-3560 was published Feb 17, 2022
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business... Critical Unreviewed
CVE-2022-26143 was published Mar 11, 2022
Microsoft Excel Security Feature Bypass Vulnerability High Unreviewed
CVE-2021-42292 was published May 24, 2022
After the initial setup process, some steps of setup.php file are reachable not only by super... Moderate Unreviewed
CVE-2022-23134 was published Feb 9, 2022
An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version : 2.01MT. An attacker... High Unreviewed
CVE-2021-40655 was published May 24, 2022
Insufficient policy enforcement in PopupBlocker in Google Chrome prior to 91.0.4472.77 allowed a... Moderate Unreviewed
CVE-2021-30533 was published May 24, 2022
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 ... Critical Unreviewed
CVE-2021-28799 was published May 24, 2022
Dell dbutil_2_3.sys driver contains an insufficient access control vulnerability which may lead... High Unreviewed
CVE-2021-21551 was published May 24, 2022
An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes... Moderate Unreviewed
CVE-2021-25369 was published May 24, 2022
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021... High Unreviewed
CVE-2021-25337 was published May 24, 2022
Magento has incorrect authorization issue that leads to arbitrary file system read High
CVE-2025-49556 was published for magento/community-edition (Composer) Aug 12, 2025
Magento vulnerable to privilege escalation due to incorrect authorization Moderate
CVE-2025-54267 was published for magento/community-edition (Composer) Oct 14, 2025
Magento provides incorrect authorization through a security feature bypass High
CVE-2025-54263 was published for magento/community-edition (Composer) Oct 14, 2025
Shopware vulnerable to MediaVisibilityRestrictionSubscriber bypass when reading media entities by aggregating fields individually Moderate
GHSA-m895-2hj3-8cg9 was published for shopware/core (Composer) Oct 21, 2025
JoshuaBehrens
Credited to JoshuaBehrens
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database