Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,893 advisories

Loading
Grafana vulnerable to authenticated users bypassing dashboard, folder permissions High
CVE-2025-3260 was published for github.com/grafana/grafana (Go) Jun 2, 2025
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly... Low Unreviewed
CVE-2020-16241 was published May 24, 2022
WSO2 products vulnerable to privilege escalation due to business logic flaw in SOAP admin services Moderate
CVE-2024-7096 was published for org.wso2.am:am-parent (Maven) May 30, 2025
Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users High
CVE-2025-48881 was published for com.ritense.valtimo:object-management (Maven) May 28, 2025
Users with `create` but not `override` privileges can perform local sync Moderate
CVE-2023-50726 was published for github.com/argoproj/argo-cd (Go) Mar 15, 2024
crenshaw-dev
Credited to crenshaw-dev
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission... Critical Unreviewed
CVE-2025-20674 was published Jun 2, 2025
Navidrome Transcoding Permission Bypass Vulnerability Report High
CVE-2025-48948 was published for github.com/navidrome/navidrome (Go) May 29, 2025
lujiefsi
Credited to lujiefsi
Mattermost fails to properly enforce access control restrictions for System Manager roles Low
CVE-2025-3611 was published for github.com/mattermost/mattermost/server/v8 (Go) May 30, 2025
Mattermost fails to properly enforce access controls for guest users Low
CVE-2025-1792 was published for github.com/mattermost/mattermost/server/v8 (Go) May 30, 2025
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/ user creation endpoint allows... High Unreviewed
CVE-2021-38617 was published May 24, 2022
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/user/{user-guid}/ user edition... High Unreviewed
CVE-2021-38616 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28406 was published May 24, 2022
In Eigen NLP 3.10.1, a lack of access control on the /auth/v1/sso/config/ SSO configuration... High Unreviewed
CVE-2021-38615 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... High Unreviewed
CVE-2020-28405 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28404 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... High Unreviewed
CVE-2020-28402 was published May 24, 2022
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper... Moderate Unreviewed
CVE-2018-10212 was published May 13, 2022
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed
CVE-2024-7097 was published May 30, 2025
An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify... Moderate Unreviewed
CVE-2023-26097 was published Apr 24, 2023
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses... High Unreviewed
CVE-2022-34908 was published Feb 27, 2023
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28401 was published May 24, 2022
MantisBT Incorrect Authorization in bug_actiongroup_page.php Moderate
CVE-2020-29605 was published for mantisbt/mantisbt (Composer) May 24, 2022
MantisBT Incorrect Authorization for bug_revision_view_page.php check High
CVE-2020-35849 was published for mantisbt/mantisbt (Composer) May 24, 2022
Mattermost improperly allows team administrators to modify team invites Moderate
CVE-2025-3913 was published for github.com/mattermost/mattermost/server/v8 (Go) May 29, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database