GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,574

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,302 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema. Moderate Unreviewed

CVE-2025-26853 was published Mar 20, 2025

An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc... Moderate Unreviewed

CVE-2024-9159 was published Mar 20, 2025

In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where... High Unreviewed

CVE-2024-9098 was published Mar 20, 2025

In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with... Moderate Unreviewed

CVE-2024-10273 was published Mar 20, 2025

In version 1.5.5 of lunary-ai/lunary, a vulnerability exists where admins, who do not have direct... High Unreviewed

CVE-2024-10275 was published Mar 20, 2025

A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low... High Unreviewed

CVE-2024-10109 was published Mar 20, 2025

A vulnerability has been identified in the port ACL functionality of AOS-CX software running on... Low Unreviewed

CVE-2025-25040 was published Mar 18, 2025

Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This... Moderate Unreviewed

CVE-2025-2201 was published Mar 17, 2025

Broken access control vulnerability in the Innovación y Cualificación local administration plugin... Moderate Unreviewed

CVE-2025-2202 was published Mar 17, 2025

Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows... High Unreviewed

CVE-2025-30074 was published Mar 16, 2025

This vulnerability exists in the CAP back office application due to improper authorization checks... High Unreviewed

CVE-2025-29997 was published Mar 13, 2025

An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior... Low Unreviewed

CVE-2024-7296 was published Mar 13, 2025

An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17... Moderate Unreviewed

CVE-2025-0652 was published Mar 13, 2025

An incorrect authorization vulnerability [CWE-863] in FortiSIEM 7.2 all versions, 7.1 all... Low Unreviewed

CVE-2024-55592 was published Mar 11, 2025

An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow... High Unreviewed

CVE-2024-45328 was published Mar 11, 2025

An issue was discovered in the Masquerade module before 1.x-1.0.1 for Backdrop CMS. It allows... High Unreviewed

CVE-2025-27822 was published Mar 8, 2025

Improper authorization in GitLab EE affecting all versions from 17.7 prior to 17.7.6, 17.8 prior... Moderate Unreviewed

CVE-2025-2045 was published Mar 6, 2025

An issue has been discovered in GitLab CE/EE for Self-Managed and Dedicated instances affecting... Low Unreviewed

CVE-2025-1540 was published Mar 6, 2025

Incorrect authorization in PAM vaults in Devolutions Server 2024.3.12 and earlier allows an... High Unreviewed

CVE-2025-2003 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed

CVE-2025-27645 was published Mar 5, 2025

A vulnerability regarding incorrect authorization is found in the firmware upgrade functionality.... Moderate Unreviewed

CVE-2024-39352 was published Mar 4, 2025

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a... High Unreviewed

CVE-2025-0359 was published Mar 4, 2025

During an annual penetration test conducted on behalf of Axis Communication, Truesec discovered a... High Unreviewed

CVE-2025-0360 was published Mar 4, 2025

In certain IETF OAuth 2.0-related specifications, when the JSON Web Token Profile for OAuth 2.0... Moderate Unreviewed

CVE-2025-27371 was published Mar 3, 2025

OpenID Connect Core through 1.0 errata set 2 allows audience injection in certain situations.... Moderate Unreviewed

CVE-2025-27370 was published Mar 3, 2025

Previous 1…8…93 Next

Previous 1 2 … 6 7 8 9 10 … 92 93 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,302 advisories