GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,688
Erlang: 34
GitHub Actions: 26
Go: 2,274
Maven: 5,000+
npm: 3,929
NuGet: 706
pip: 3,696
Pub: 12
RubyGems: 919
Rust: 951
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
351 advisories

goshs route not protected, allows command execution
Critical | CVE-2025-46816 was published for github.com/patrickhener/goshs (Go) | May 6, 2025

BRCC Incorrect Access Control vulnerability
Critical | CVE-2025-45616 was published for com.baidu.mapp:brcc-core (Maven) | May 5, 2025

Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain...
Critical | Unreviewed | CVE-2025-45615 was published | May 5, 2025

Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to...
Critical | Unreviewed | CVE-2025-45611 was published | May 5, 2025

Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted...
Critical | Unreviewed | CVE-2025-45612 was published | May 5, 2025

Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.
Critical | Unreviewed | CVE-2024-48905 was published | May 2, 2025

Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows...
Critical | Unreviewed | CVE-2025-28232 was published | Apr 21, 2025

Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows...
Critical | Unreviewed | CVE-2025-28229 was published | Apr 21, 2025

Incorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000,...
Critical | Unreviewed | CVE-2025-28233 was published | Apr 18, 2025

Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to...
Critical | Unreviewed | CVE-2025-28231 was published | Apr 18, 2025

A valid, authenticated user with sufficient privileges and who is aware of Continuous Compliance...
Critical | Unreviewed | CVE-2025-3113 was published | Apr 17, 2025

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 131.0...
Critical | Unreviewed | CVE-2025-1568 was published | Apr 17, 2025

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access...
Critical | Unreviewed | CVE-2025-30281 was published | Apr 8, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the...
Critical | Unreviewed | CVE-2025-28413 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave...
Critical | Unreviewed | CVE-2025-28412 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the...
Critical | Unreviewed | CVE-2025-28410 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree...
Critical | Unreviewed | CVE-2025-28408 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method...
Critical | Unreviewed | CVE-2025-28411 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus...
Critical | Unreviewed | CVE-2025-28405 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter
Critical | Unreviewed | CVE-2025-28402 was published | Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameter
Critical | Unreviewed | CVE-2025-28406 was published | Apr 7, 2025

A library injection issue was addressed with additional restrictions. This issue is fixed in...
Critical | Unreviewed | CVE-2025-30462 was published | Apr 1, 2025

This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4,...
Critical | Unreviewed | CVE-2025-30433 was published | Apr 1, 2025

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical | Unreviewed | CVE-2025-24241 was published | Apr 1, 2025

Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to...
Critical | Unreviewed | CVE-2025-22940 was published | Mar 31, 2025

ProTip! Advisories are also available from the GraphQL API