Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,791
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,995
NuGet
720
pip
3,789
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

391 advisories

Loading
A vulnerability has been identified in Mendix OIDC SSO (Mendix 10 compatible) (All versions < V4... Low Unreviewed
CVE-2025-40571 was published May 13, 2025
Nomad Enterprise (“Nomad”) jobs using the policy override option are bypassing the mandatory... High Unreviewed
CVE-2025-3744 was published May 13, 2025
An incorrect privilege management vulnerability in the OPSWAT MetaDefender Endpoint Security SDK... High Unreviewed
CVE-2025-0131 was published May 14, 2025
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on... Moderate Unreviewed
CVE-2025-0135 was published May 14, 2025
A vulnerability classified as problematic has been found in y_project RuoYi 4.8.0. Affected is an... Low Unreviewed
CVE-2025-4819 was published May 17, 2025
Incorrect Privilege Assignment vulnerability in mojoomla WPAMS allows Privilege Escalation.This... High Unreviewed
CVE-2025-39405 was published May 19, 2025
Incorrect Privilege Assignment vulnerability in Contempo Themes Real Estate 7 allows Privilege... High Unreviewed
CVE-2025-39459 was published May 19, 2025
Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject:... High Unreviewed
CVE-2025-39366 was published May 19, 2025
containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods. Moderate
CVE-2025-47291 was published for github.com/containerd/containerd/v2 (Go) May 21, 2025
rata rogowski-piotr
Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform... Moderate Unreviewed
CVE-2025-4692 was published May 23, 2025
An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a... Moderate Unreviewed
CVE-2025-48695 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro allows... Critical Unreviewed
CVE-2025-31918 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in pebas CouponXL allows Privilege Escalation. This... Critical Unreviewed
CVE-2025-39489 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in Themewinter Eventin allows Privilege Escalation.... Critical Unreviewed
CVE-2025-47539 was published May 23, 2025
Incorrect Privilege Assignment vulnerability in mojoomla Hospital Management System allows... High Unreviewed
CVE-2025-47631 was published May 23, 2025
A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3... Moderate Unreviewed
CVE-2025-48741 was published May 23, 2025
A vulnerability, which was classified as problematic, was found in yangshare 技术杨工... Moderate Unreviewed
CVE-2025-5163 was published May 26, 2025
pypickle Incorrect Privilege Assignment vulnerability Moderate
CVE-2025-5175 was published for pypickle (pip) May 26, 2025
PrinceRaj-0
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user... Moderate Unreviewed
CVE-2025-4493 was published May 28, 2025
A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the... Moderate Unreviewed
CVE-2025-5387 was published May 31, 2025
A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This... Moderate Unreviewed
CVE-2025-5390 was published May 31, 2025
A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504.... Moderate Unreviewed
CVE-2025-5389 was published May 31, 2025
A vulnerability was found in Mist Community Edition up to 4.7.1. It has been classified as... Moderate Unreviewed
CVE-2025-5409 was published Jun 2, 2025
A vulnerability, which was classified as critical, has been found in juzaweb CMS up to 3.4.2.... Moderate Unreviewed
CVE-2025-5421 was published Jun 2, 2025
A vulnerability, which was classified as problematic, was found in juzaweb CMS up to 3.4.2. This... Moderate Unreviewed
CVE-2025-5422 was published Jun 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database