Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,537 advisories

Loading
Connect-CMS Access control vulnerability Moderate
GHSA-5rjc-jc28-cwgg was published for opensource-workshop/connect-cms (Composer) Feb 7, 2025
An improper access control vulnerability may allow privilege escalation.This issue affects:  *... High Unreviewed
CVE-2022-26389 was published Feb 7, 2025
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote... Critical Unreviewed
CVE-2024-57249 was published Feb 7, 2025
Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management... High Unreviewed
CVE-2024-56889 was published Feb 7, 2025
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information... Moderate Unreviewed
CVE-2024-13514 was published Feb 4, 2025
access_device.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE:... Moderate Unreviewed
CVE-2023-52164 was published Feb 3, 2025
WildFly improper RBAC permission Moderate
CVE-2025-23367 was published for org.wildfly.core:wildfly-server (Maven) Jan 31, 2025
General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches Critical
GHSA-vpxm-cr3r-pjp9 was published for org.openmrs.module:addresshierarchy (Maven) Jan 30, 2025
slubwama mseaton
Duplicate Advisory: Wildfly Server Role Based Access Control (RBAC) provider has Improper Access Control Moderate
GHSA-fcrw-mphx-7cxf was published for org.wildfly:wildfly-server (Maven) Jan 30, 2025 withdrawn
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0745 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0743 was published Jan 30, 2025
an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0744 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0742 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... Moderate Unreviewed
CVE-2025-0741 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0740 was published Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This... High Unreviewed
CVE-2025-0739 was published Jan 30, 2025
The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object... Moderate Unreviewed
CVE-2024-13457 was published Jan 30, 2025
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an... Moderate Unreviewed
CVE-2024-22316 was published Jan 27, 2025
A vulnerability classified as critical was found in needyamin image_gallery 1.0. This... Moderate Unreviewed
CVE-2025-0722 was published Jan 27, 2025
A vulnerability classified as critical was found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0702 was published Jan 24, 2025
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to a file level local denial of service caused by an... Low Unreviewed
CVE-2024-35122 was published Jan 24, 2025
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass... High Unreviewed
CVE-2025-0650 was published Jan 23, 2025
The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to... Moderate Unreviewed
CVE-2024-10393 was published Jan 23, 2025
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker... High Unreviewed
CVE-2025-23090 was published Jan 22, 2025
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker... High Unreviewed
CVE-2025-23083 was published Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database