Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,302 advisories

Loading
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2025-24206 was published Apr 29, 2025
The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3861 was published Apr 25, 2025
In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new... Moderate Unreviewed
CVE-2025-46544 was published Apr 25, 2025
A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive... Moderate Unreviewed
CVE-2024-10306 was published Apr 23, 2025
The FileWave Windows client before 16.0.0, in some non-default configurations, allows an... High Unreviewed
CVE-2025-43922 was published Apr 21, 2025
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux... Moderate Unreviewed
CVE-2024-12862 was published Apr 21, 2025
In Soffid Console 3.5.38 before 3.5.39, necessary checks were not applied to some Java objects. A... High Unreviewed
CVE-2025-32408 was published Apr 21, 2025
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create... Moderate Unreviewed
CVE-2025-43921 was published Apr 20, 2025
In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate... High Unreviewed
CVE-2025-43917 was published Apr 19, 2025
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 could allow an authenticated... Moderate Unreviewed
CVE-2024-49808 was published Apr 18, 2025
The Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products –... Moderate Unreviewed
CVE-2025-3453 was published Apr 17, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Low Unreviewed
CVE-2025-30703 was published Apr 15, 2025
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2025-21582 was published Apr 15, 2025
Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension... Critical Unreviewed
CVE-2025-32068 was published Apr 11, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization... High Unreviewed
CVE-2025-26330 was published Apr 10, 2025
SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions... Moderate Unreviewed
CVE-2025-31331 was published Apr 8, 2025
Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of... Critical Unreviewed
CVE-2024-38392 was published Apr 2, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and... Low Unreviewed
CVE-2025-30469 was published Apr 1, 2025
This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2... High Unreviewed
CVE-2025-24221 was published Apr 1, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24233 was published Apr 1, 2025
HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before... High Unreviewed
CVE-2025-30093 was published Mar 27, 2025
An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior... High Unreviewed
CVE-2025-2242 was published Mar 27, 2025
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have... Moderate Unreviewed
CVE-2024-55965 was published Mar 26, 2025
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an... Critical Unreviewed
CVE-2025-1542 was published Mar 26, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14... High Unreviewed
CVE-2024-44305 was published Mar 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database