Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,302 advisories

Loading
Device commissioning parameters in ASPECT may be modified by an external source if administrative... High Unreviewed
CVE-2024-13947 was published May 22, 2025
System File Deletion vulnerabilities in ASPECT provide attackers access to delete system files if... High Unreviewed
CVE-2025-30171 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
A low-privileged user is able to obtain information about tasks executed on devices controlled by... Moderate Unreviewed
CVE-2025-1415 was published May 21, 2025
A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure... Moderate Unreviewed
CVE-2025-20257 was published May 21, 2025
In Proget MDM, a low-privileged user can access information about changes contained in backups of... Moderate Unreviewed
CVE-2025-1417 was published May 21, 2025
In Proget MDM, a low-privileged user can retrieve passwords for managed devices and subsequently... High Unreviewed
CVE-2025-1416 was published May 21, 2025
A low-privileged user can access information about profiles created in Proget MDM (Mobile Device... Moderate Unreviewed
CVE-2025-1418 was published May 21, 2025
The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed
CVE-2025-4101 was published May 17, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... High Unreviewed
CVE-2025-43565 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... Critical Unreviewed
CVE-2025-43561 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access... Critical Unreviewed
CVE-2025-43564 was published May 13, 2025
Improper Privilege Management vulnerability in Centreon web (API Token creation form modules)... High Unreviewed
CVE-2025-4646 was published May 13, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed
CVE-2025-31227 was published May 13, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS... Moderate Unreviewed
CVE-2025-30440 was published May 13, 2025
An authenticated administrator could modify the Created By username for a user account Low Unreviewed
CVE-2025-46744 was published May 12, 2025
Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-29827 was published May 9, 2025
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content... High Unreviewed
CVE-2025-26842 was published May 8, 2025
On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP,... High Unreviewed
CVE-2025-46265 was published May 8, 2025
On an F5OS system, if the root user had previously configured the system to allow login via SSH... Critical Unreviewed
CVE-2025-36546 was published May 8, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager.  The vulnerability... Moderate Unreviewed
CVE-2025-3272 was published May 7, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability... Critical Unreviewed
CVE-2025-3476 was published May 7, 2025
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all... Moderate Unreviewed
CVE-2025-3609 was published May 6, 2025
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged... High Unreviewed
CVE-2025-23244 was published May 1, 2025
Bookgy does not provide for proper authorisation control in multiple areas of the application.... Critical Unreviewed
CVE-2025-40619 was published Apr 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database