Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

195 advisories

Loading
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... Critical Unreviewed
CVE-2024-6328 was published Jul 12, 2024
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Critical Unreviewed
CVE-2025-30448 was published May 13, 2025
An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using... Critical Unreviewed
CVE-2025-26846 was published May 12, 2025
Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH... Critical Unreviewed
CVE-2025-28202 was published May 9, 2025
A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the ... Critical Unreviewed
CVE-2025-0782 was published May 2, 2025
The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-3746 was published May 2, 2025
A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an... Critical Unreviewed
CVE-2025-37087 was published Apr 22, 2025
** UNSUPPORTED WHEN ASSIGNED ** A security filter misconfiguration exists in VMware Hyperic... Critical Unreviewed
CVE-2022-38651 was published Nov 12, 2022
The web conferencing component of Mitel MiCollab through 9.6.0.13 could allow an unauthenticated... Critical Unreviewed
CVE-2022-41326 was published Nov 22, 2022
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed
CVE-2025-3604 was published Apr 24, 2025
An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a... Critical Unreviewed
CVE-2024-53591 was published Apr 18, 2025
A vulnerability in the web interface for Cisco Prime Collaboration Provisioning could allow an... Critical Unreviewed
CVE-2017-6622 was published May 13, 2022
Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 was... Critical Unreviewed
CVE-2025-25953 was published Mar 3, 2025
In CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1107, an unauthenticated attacker... Critical Unreviewed
CVE-2021-45467 was published Dec 26, 2022
Missing authorization vulnerability exists in Unifier and Unifier Cast Version.5.0 or later, and... Critical Unreviewed
CVE-2024-36246 was published May 31, 2024
BlogEngine.NET v3.3.8.0 allows an attacker to create any folder with "files" prefix under ~... Critical Unreviewed
CVE-2022-41417 was published Jan 18, 2023
An access issue was addressed with additional sandbox restrictions on the system pasteboards.... Critical Unreviewed
CVE-2025-30461 was published Apr 1, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... Critical Unreviewed
CVE-2025-24249 was published Apr 1, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Critical Unreviewed
CVE-2025-31194 was published Apr 1, 2025
This issue was addressed by adding a delay between verification code attempts. This issue is... Critical Unreviewed
CVE-2025-24245 was published Apr 1, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24181 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-31182 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura... Critical Unreviewed
CVE-2025-24259 was published Apr 1, 2025
The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized... Critical Unreviewed
CVE-2025-2266 was published Mar 29, 2025
Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui... Critical Unreviewed
CVE-2022-39811 was published Jan 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database