GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,363
Composer 4,820
Erlang 36
GitHub Actions 32
Go 2,410
Maven 5,802
npm 4,049
NuGet 723
pip 3,843
Pub 12
RubyGems 933
Rust 1,003
Swift 38

Unreviewed advisories

All unreviewed 264,539

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

375 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the... Critical Unreviewed

CVE-2025-50870 was published Aug 1, 2025

An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated... Critical Unreviewed

CVE-2025-26062 was published Jul 31, 2025

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed

CVE-2025-43232 was published Jul 30, 2025

This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia... Critical Unreviewed

CVE-2025-43233 was published Jul 30, 2025

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed

CVE-2025-43192 was published Jul 30, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS... Critical Unreviewed

CVE-2025-43194 was published Jul 30, 2025

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... Critical Unreviewed

CVE-2025-43198 was published Jul 30, 2025

This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Critical Unreviewed

CVE-2025-43184 was published Jul 30, 2025

An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can... Critical Unreviewed

CVE-2025-30133 was published Jul 28, 2025

A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream... Critical Unreviewed

CVE-2025-27724 was published Jul 28, 2025

In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration... Critical Unreviewed

CVE-2025-44654 was published Jul 21, 2025

In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control... Critical Unreviewed

CVE-2025-23048 was published Jul 10, 2025

linjiashop <=0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT... Critical Unreviewed

CVE-2025-52101 was published Jul 1, 2025

Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control. Critical Unreviewed

CVE-2025-49603 was published Jun 26, 2025

Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with... Critical Unreviewed

CVE-2024-52928 was published Jun 26, 2025

A settings manipulation vulnerability in NCR Terminal Handler v1.5.1 allows attackers to execute... Critical Unreviewed

CVE-2023-47297 was published Jun 23, 2025

The Versa Director SD-WAN orchestration platform which makes use of Cisco NCS application service... Critical Unreviewed

CVE-2024-45208 was published Jun 19, 2025

Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi... Critical Unreviewed

CVE-2025-44619 was published May 30, 2025

An issue in Tenda W18E v.2.0 v.16.01.0.11 allows an attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2025-45343 was published May 28, 2025

Jenkins OpenID Connect Provider Plugin Incorrectly Validates Crafted Build ID Tokens Critical

CVE-2025-47884 was published for io.jenkins.plugins:oidc-provider (Maven) May 14, 2025

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Access... Critical Unreviewed

CVE-2025-43563 was published May 13, 2025

This issue was addressed by restricting options offered on a locked device. This issue is fixed... Critical Unreviewed

CVE-2025-30436 was published May 13, 2025

goshs route not protected, allows command execution Critical

CVE-2025-46816 was published for github.com/patrickhener/goshs (Go) May 6, 2025

BRCC Incorrect Access Control vulnerability Critical

CVE-2025-45616 was published for com.baidu.mapp:brcc-core (Maven) May 5, 2025

Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted... Critical Unreviewed

CVE-2025-45612 was published May 5, 2025

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

375 advisories