Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,429 advisories

Loading
Users who were required to change their password could still access system information before... Moderate Unreviewed
CVE-2025-46742 was published May 12, 2025
A vulnerability was found in kkFileView 4.4.0. It has been classified as critical. This affects... Moderate Unreviewed
CVE-2025-4538 was published May 11, 2025
An issue in Victure RX1800 EN_V1.0.0_r12_110933 allows physically proximate attackers to execute... Moderate Unreviewed
CVE-2025-28201 was published May 9, 2025
A vulnerability was found in SourceCodester Online Student Clearance System 1.0. It has been... Moderate Unreviewed
CVE-2025-4468 was published May 9, 2025
A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated... Moderate Unreviewed
CVE-2025-20223 was published May 7, 2025
A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller... Moderate Unreviewed
CVE-2025-20190 was published May 7, 2025
A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is... Moderate Unreviewed
CVE-2025-20137 was published May 7, 2025
A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm up to 0.0.1. It has... Moderate Unreviewed
CVE-2025-4333 was published May 6, 2025
A vulnerability classified as critical has been found in itsourcecode Content Management System 1... Moderate Unreviewed
CVE-2025-4310 was published May 6, 2025
A vulnerability has been found in kefaming mayi up to 1.3.9 and classified as critical. This... Moderate Unreviewed
CVE-2025-4305 was published May 6, 2025
A vulnerability, which was classified as critical, was found in IdeaCMS up to 1.6. Affected is... Moderate Unreviewed
CVE-2025-4291 was published May 6, 2025
Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis... Moderate Unreviewed
CVE-2025-45618 was published May 5, 2025
Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote... Moderate Unreviewed
CVE-2025-4051 was published May 5, 2025
Improper access control in PAM feature in Devolutions Server 2025.1.6.0 and earlier allows a PAM... Moderate Unreviewed
CVE-2025-4316 was published May 5, 2025
A vulnerability has been found in newbee-mall 1.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-4259 was published May 5, 2025
A vulnerability, which was classified as critical, was found in zhangyanbo2007 youkefu up to 4.2... Moderate Unreviewed
CVE-2025-4258 was published May 5, 2025
Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46629 was published May 2, 2025
Improper access control of endpoint in HCL Domino Leap allows certain admin users to import... Moderate Unreviewed
CVE-2024-30146 was published May 1, 2025
OpenFGA Authorization Bypass Moderate
CVE-2025-46331 was published for github.com/openfga/openfga (Go) Apr 30, 2025
avinashs433
A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an... Moderate Unreviewed
CVE-2025-4006 was published Apr 28, 2025
A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated... Moderate Unreviewed
CVE-2025-3969 was published Apr 27, 2025
Improper access control of endpoint in HCL Leap allows certain admin users to import applications... Moderate Unreviewed
CVE-2024-30148 was published Apr 24, 2025
It technically possible for a user to upload a file to a conversation despite the file upload... Moderate Unreviewed
CVE-2025-3518 was published Apr 22, 2025
mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller -... Moderate Unreviewed
CVE-2025-28367 was published Apr 21, 2025
A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical.... Moderate Unreviewed
CVE-2025-3830 was published Apr 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database