GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
858 advisories
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor....
High | Unreviewed | CVE-2025-66423 was published Nov 30, 2025

SOPlanning is vulnerable to Privilege Escalation in user management tab. Users with...
High | Unreviewed | CVE-2025-62730 was published Nov 20, 2025

Fujitsu iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if the length of a username is...
High | Unreviewed | CVE-2025-65002 was published Nov 12, 2025

Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability....
High | Unreviewed | CVE-2025-61830 was published Nov 11, 2025

A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users...
High | Unreviewed | CVE-2025-11862 was published Nov 11, 2025

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the...
High | Unreviewed | CVE-2025-37736 was published Nov 8, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
High | Unreviewed | CVE-2025-43387 was published Nov 4, 2025

Nagios Log Server versions prior to 2024R2.0.3 contain an incorrect authorization vulnerability...
High | Unreviewed | CVE-2025-34273 was published Oct 31, 2025

Nagios Log Server versions prior to 2024R1 contain an incorrect authorization vulnerability....
High | Unreviewed | CVE-2023-7322 was published Oct 31, 2025

An Incorrect Authorization vulnerability has been identified in Moxa’s network security...
High | Unreviewed | CVE-2025-6892 was published Oct 17, 2025

GitLab has remediated an issue in GitLab EE affecting all versions from 18.3 to 18.3.4, 18.4 to...
High | Unreviewed | CVE-2025-11340 was published Oct 9, 2025

Nagios Log Server before 2024R1.3.2 allows authenticated users (with read-only API access) to...
High | Unreviewed | CVE-2025-44824 was published Oct 7, 2025

An access control vulnerability was discovered in the CLI functionality due to a specific access...
High | Unreviewed | CVE-2025-3719 was published Oct 7, 2025

OpenSupports exposes an endpoint that allows the list of 'supervised users' for any account to be...
High | Unreviewed | CVE-2025-10696 was published Oct 3, 2025

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it...
High | Unreviewed | CVE-2025-41246 was published Sep 29, 2025

The Sparkle framework includes a helper tool Autoupdate. Due to lack of authentication of...
High | Unreviewed | CVE-2025-10016 was published Sep 16, 2025

In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an...
High | Unreviewed | CVE-2025-26436 was published Sep 5, 2025

NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with...
High | Unreviewed | CVE-2025-23256 was published Sep 5, 2025

In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without...
High | Unreviewed | CVE-2025-48523 was published Sep 4, 2025

In startSpaActivityForApp of SpaActivity.kt, there is a possible cross-user permission bypass due...
High | Unreviewed | CVE-2025-32333 was published Sep 4, 2025

Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to...
High | Unreviewed | CVE-2025-55177 was published Aug 29, 2025

IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their...
High | Unreviewed | CVE-2025-36120 was published Aug 18, 2025

A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web...
High | Unreviewed | CVE-2025-7773 was published Aug 14, 2025

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=...
High | Unreviewed | CVE-2024-41979 was published Aug 12, 2025

Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain...
High | Unreviewed | CVE-2025-42951 was published Aug 12, 2025