GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,969 advisories
Improper access control in Azure allows an unauthorized attacker to disclose information over a...
High. Unreviewed. CVE-2025-33072 was published May 9, 2025

A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated...
Moderate. Unreviewed. CVE-2025-20223 was published May 7, 2025

A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller...
Moderate. Unreviewed. CVE-2025-20190 was published May 7, 2025

A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is...
Moderate. Unreviewed. CVE-2025-20137 was published May 7, 2025

goshs route not protected, allows command execution
Critical. CVE-2025-46816 was published for github.com/patrickhener/goshs (Go) May 6, 2025

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
High. Unreviewed. CVE-2025-21470 was published May 6, 2025

Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
High. Unreviewed. CVE-2025-21469 was published May 6, 2025

Memory corruption during memory mapping into protected VM address space due to incorrect API...
High. Unreviewed. CVE-2024-49842 was published May 6, 2025

A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm up to 0.0.1. It has...
Moderate. Unreviewed. CVE-2025-4333 was published May 6, 2025

A vulnerability classified as critical has been found in itsourcecode Content Management System 1...
Moderate. Unreviewed. CVE-2025-4310 was published May 6, 2025

A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This...
Moderate. Unreviewed. CVE-2025-4305 was published May 6, 2025

A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is...
Moderate. Unreviewed. CVE-2025-4291 was published May 6, 2025

Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to...
High. Unreviewed. CVE-2025-45614 was published May 5, 2025

BRCC Incorrect Access Control vulnerability
Critical. CVE-2025-45616 was published for com.baidu.mapp:brcc-core (Maven) May 5, 2025

Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis...
Moderate. Unreviewed. CVE-2025-45618 was published May 5, 2025

Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain...
Critical. Unreviewed. CVE-2025-45615 was published May 5, 2025

Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows...
High. Unreviewed. CVE-2025-45617 was published May 5, 2025

Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to...
High. Unreviewed. CVE-2025-45613 was published May 5, 2025

Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to...
Critical. Unreviewed. CVE-2025-45611 was published May 5, 2025

Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted...
Critical. Unreviewed. CVE-2025-45612 was published May 5, 2025

Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows...
High. Unreviewed. CVE-2025-45608 was published May 5, 2025

Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers...
High. Unreviewed. CVE-2025-45609 was published May 5, 2025

Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows...
High. Unreviewed. CVE-2025-45610 was published May 5, 2025

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to...
High. Unreviewed. CVE-2025-45237 was published May 5, 2025

Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote...
Moderate. Unreviewed. CVE-2025-4051 was published May 5, 2025