GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
414 advisories
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands...
Critical, Unreviewed. CVE-2024-46627 was published Sep 26, 2024

A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.1.0.4...
Critical, Unreviewed. CVE-2024-42514 was published Oct 1, 2024

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0...
Critical, Unreviewed. CVE-2024-45519 was published Oct 3, 2024

TaskCafe 0.3.2 lacks validation in the Cookie value. Any unauthenticated attacker who knows a...
Critical, Unreviewed. CVE-2023-26770 was published Oct 4, 2024

In version 1.3.2 of lunary-ai/lunary, an Insecure Direct Object Reference (IDOR) vulnerability...
Critical, Unreviewed. CVE-2024-7474 was published Oct 29, 2024

An improper access control vulnerability in lunary-ai/lunary version 1.3.2 allows an attacker to...
Critical, Unreviewed. CVE-2024-7475 was published Oct 29, 2024

Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox...
Critical, Unreviewed. CVE-2023-29121 was published Nov 5, 2024

Allegra SiteConfigAction Improper Access Control Remote Code Execution Vulnerability. This...
Critical, Unreviewed. CVE-2023-51644 was published Nov 22, 2024

The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable...
Critical, Unreviewed. CVE-2024-10124 was published Dec 12, 2024

WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application...
Critical, Unreviewed. CVE-2024-57032 was published Jan 17, 2025

General OpenMRS Security Advisory, January 2025: Penetration Testing Results and Patches
Critical. GHSA-vpxm-cr3r-pjp9 was published for org.openmrs.module:addresshierarchy (Maven) Jan 30, 2025

Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote...
Critical, Unreviewed. CVE-2024-57249 was published Feb 7, 2025

Incorrect Access Control vulnerability in Atos Eviden IDRA before 2.6.1 could allow the...
Critical, Unreviewed. CVE-2024-39327 was published Feb 18, 2025

Lexmark MX6500 LW75.JD.P296 and previous devices have Incorrect Access Control via the access...
Critical, Unreviewed. CVE-2020-35546 was published Feb 19, 2025

Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access...
Critical, Unreviewed. CVE-2024-53573 was published Feb 27, 2025

Infoblox NIOS through 8.6.4 has Improper Authentication for Grids.
Critical, Unreviewed. CVE-2024-37566 was published Feb 28, 2025

Infoblox NIOS through 8.6.4 has Improper Access Control for Grids.
Critical, Unreviewed. CVE-2024-37567 was published Feb 28, 2025

Incorrect access control in the component /rest/staffResource/create of Serosoft Solutions Pvt...
Critical, Unreviewed. CVE-2025-25948 was published Mar 3, 2025

Under certain circumstances, a user opt-in setting that Focus should require authentication...
Critical, Unreviewed. CVE-2025-1941 was published Mar 4, 2025

On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run...
Critical, Unreviewed. CVE-2025-1260 was published Mar 4, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253...
Critical, Unreviewed. CVE-2025-27646 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application 20.0.2140...
Critical, Unreviewed. CVE-2025-27649 was published Mar 5, 2025

An improper access control vulnerability in FortiMail version 7.4.0 configured with RADIUS...
Critical, Unreviewed. CVE-2023-47539 was published Mar 18, 2025

An issue was discovered on IROAD Dashcam V devices. It uses an unregistered public domain name as...
Critical, Unreviewed. CVE-2025-30132 was published Mar 18, 2025

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui...
Critical, Unreviewed. CVE-2024-11045 was published Mar 20, 2025

ProTip! Advisories are also available from the GraphQL API.