Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,860 advisories

Loading
Magento is affected by an improper authorization vulnerability Moderate
CVE-2021-36037 was published for magento/community-edition (Composer) May 24, 2022
Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the... High Unreviewed
CVE-2025-37736 was published Nov 8, 2025
The Flexible Refund and Return Order for WooCommerce plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-12621 was published Nov 8, 2025
Incorrect Authorization in Apache Solr Moderate
CVE-2018-11802 was published for org.apache.solr:solr-core (Maven) Feb 9, 2022
tjuyuxinzhang
Credited to tjuyuxinzhang
A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users... High Unreviewed
CVE-2025-11862 was published Nov 11, 2025
Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability.... High Unreviewed
CVE-2025-61830 was published Nov 11, 2025
Fujitsu iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is... High Unreviewed
CVE-2025-65002 was published Nov 12, 2025
An issue was discovered in rymcu forest thru commit f782e85 (2025-09-04) in function doBefore in... Moderate Unreviewed
CVE-2025-63687 was published Nov 7, 2025
Mattermost versions 10.11.x <= 10.11.3, 10.5.x <= 10.5.11 fail to properly validate team... Low Unreviewed
CVE-2025-11777 was published Nov 13, 2025
A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications,... High Unreviewed
CVE-2024-37002 was published Jun 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database