GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
132 advisories
In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint...
Moderate | Unreviewed | CVE-2025-53073 was published Jun 26, 2025

Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If...
Moderate | Unreviewed | CVE-2025-41404 was published Jun 26, 2025

Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within...
Moderate | Unreviewed | CVE-2025-52920 was published Jun 23, 2025

A vulnerability classified as problematic has been found in code-projects Automated Voting System...
Moderate | Unreviewed | CVE-2025-6352 was published Jun 20, 2025

Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN...
High | Unreviewed | CVE-2022-36158 was published Sep 27, 2022

A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get...
High | Unreviewed | CVE-2022-42238 was published Oct 11, 2022

The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure...
Moderate | Unreviewed | CVE-2022-40845 was published Nov 15, 2022

In Simple Exam Reviewer Management System v1.0 the User List function has improper access control...
Moderate | Unreviewed | CVE-2022-42197 was published Oct 20, 2022

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET...
Moderate | Unreviewed | CVE-2022-28365 was published Apr 10, 2022

Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct...
Moderate | Unreviewed | CVE-2025-46690 was published Apr 28, 2025

An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated...
Critical | Unreviewed | CVE-2022-45276 was published Nov 23, 2022

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users...
Moderate | Unreviewed | CVE-2025-27581 was published Apr 24, 2025

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and...
Moderate | Unreviewed | CVE-2025-2595 was published Apr 23, 2025

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2...
Critical | Unreviewed | CVE-2017-14244 was published May 13, 2022

An unauthenticated user can access Identity Manager’s management console specific page URLs....
Moderate | Unreviewed | CVE-2022-25626 was published Jul 6, 2023

Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive...
High | Unreviewed | CVE-2022-42953 was published Dec 25, 2022

The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via ...
High | Unreviewed | CVE-2025-32367 was published Apr 11, 2025

Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system...
High | Unreviewed | CVE-2004-2144 was published Apr 29, 2022

Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all...
Critical | Unreviewed | CVE-2025-26689 was published Mar 31, 2025

COMFAST (Shenzhen Sihai Zhonglian Network Technology Co., Ltd) CF-WR623N Router firmware V2.3.0.1...
High | Unreviewed | CVE-2022-47700 was published Jan 31, 2023

A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital...
Moderate | Unreviewed | CVE-2025-2147 was published Mar 10, 2025

A vulnerability has been identified in SCALANCE XB205-3 (SC, PN) (All versions < V4.5), SCALANCE...
Moderate | Unreviewed | CVE-2023-44320 was published Nov 14, 2023

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted...
Moderate | Unreviewed | CVE-2021-26085 was published May 24, 2022

Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache...
High | Unreviewed | CVE-2024-45195 was published Sep 4, 2024

goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of...
High | Unreviewed | CVE-2020-10181 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.