Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,860 advisories

Loading
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... Critical Unreviewed
CVE-2025-43561 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect... High Unreviewed
CVE-2025-43565 was published May 13, 2025
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly... High Unreviewed
CVE-2024-38884 was published Aug 2, 2024
Phoenix before 1.6.14 mishandles check_origin wildcarding High
CVE-2022-42975 was published for phoenix (Erlang) Oct 17, 2022
maennchen
Credited to maennchen
In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report... Critical Unreviewed
CVE-2024-25652 was published Mar 14, 2024
An issue was discovered in Znuny through 7.1.3. If access to a ticket is not given, the content... High Unreviewed
CVE-2025-26842 was published May 8, 2025
Moodle Incorrect Authorization vulnerability High
CVE-2020-14321 was published for moodle/moodle (Composer) Aug 17, 2022
AnonySE26
Credited to AnonySE26
Moodle has an IDOR in messaging web service which allows access to some user details Moderate
CVE-2025-3645 was published for moodle/moodle (Composer) Apr 25, 2025
AnonySE26
Credited to AnonySE26
On an F5OS system, if the root user had previously configured the system to allow login via SSH... Critical Unreviewed
CVE-2025-36546 was published May 8, 2025
On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP,... High Unreviewed
CVE-2025-46265 was published May 8, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager.  The vulnerability... Moderate Unreviewed
CVE-2025-3272 was published May 7, 2025
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability... Critical Unreviewed
CVE-2025-3476 was published May 7, 2025
Improper authorization in handler for custom URL scheme vulnerability in Lemon8 App for Android... Moderate Unreviewed
CVE-2022-41797 was published Oct 24, 2022
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as... Moderate Unreviewed
CVE-2024-2557 was published Mar 17, 2024
Hashicorp Vault Community vulnerable to Incorrect Authorization Moderate
CVE-2025-3879 was published for github.com/hashicorp/vault (Go) May 2, 2025
The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all... Moderate Unreviewed
CVE-2025-3609 was published May 6, 2025
A permissions issue existed. This issue was addressed with improved permission validation. This... Moderate Unreviewed
CVE-2022-42788 was published Nov 2, 2022
Improper access control in the firmware for some Intel(R) Processors may allow a privileged user... Moderate Unreviewed
CVE-2021-0124 was published Feb 11, 2022
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An... Critical Unreviewed
CVE-2023-34051 was published Oct 20, 2023
Magento Improper Authorization vulnerability Moderate
CVE-2025-27188 was published for magento/community-edition (Composer) Apr 8, 2025
Incorrect authorization during display of Audit Events in GitLab EE affecting all versions from... Moderate Unreviewed
CVE-2022-3413 was published Nov 10, 2022
Zoho ManageEngine ServiceDesk Plus MSP before 10609 and SupportCenter Plus before 11025 are... High Unreviewed
CVE-2022-40773 was published Nov 12, 2022
An attacker with local access to the system can make unauthorized modifications of the security... High Unreviewed
CVE-2021-26360 was published Jul 6, 2023
NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an unprivileged... High Unreviewed
CVE-2025-23244 was published May 1, 2025
OpenFGA Authorization Bypass Moderate
CVE-2025-46331 was published for github.com/openfga/openfga (Go) Apr 30, 2025
avinashs433
Credited to avinashs433
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database