GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,082 advisories
The Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4.x does not require authentication,...
High · Unreviewed · CVE-2012-6068 was published May 17, 2022

Misconfigured settings in IITB SSO v1.1.0 allow attackers to access sensitive application data.
High · Unreviewed · CVE-2025-45081 was published Jul 1, 2025

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB...
High · Unreviewed · CVE-2012-6439 was published May 17, 2022

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB...
High · Unreviewed · CVE-2012-6442 was published May 14, 2022

Rockwell Automation EtherNet/IP products; 1756-ENBT, 1756-EWEB, 1768-ENBT, and 1768-EWEB...
High · Unreviewed · CVE-2012-6435 was published May 17, 2022

StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An...
High · Unreviewed · CVE-2022-36263 was published Aug 20, 2022

Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability. This vulnerability...
High · Unreviewed · CVE-2025-6443 was published Jun 26, 2025

An issue in NCR Terminal Handler v1.5.1 allows low-level privileged authenticated attackers to...
High · Unreviewed · CVE-2023-47294 was published Jun 23, 2025

Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager...
High · Unreviewed · CVE-2024-20916 was published Jan 17, 2024

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High · Unreviewed · CVE-2024-20918 was published Jan 17, 2024

ACL configured in ip_allow.config or remap.config does not use IP addresses that are provided by...
High · Unreviewed · CVE-2025-31698 was published Jun 19, 2025

HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability....
High · Unreviewed · CVE-2023-50343 was published Jan 3, 2024

HCL DRYiCE MyXalytics is impacted by Improper Access Control (Obsolete web pages) vulnerability....
High · Unreviewed · CVE-2023-50341 was published Jan 3, 2024

WALLIX Bastion 7.x, 8.x, 9.x and 10.x and WALLIX Access Manager 3.x and 4.x have Incorrect Access...
High · Unreviewed · CVE-2023-49961 was published Jan 8, 2024

An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free...
High · Unreviewed · CVE-2025-49154 was published Jun 17, 2025

Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful...
High · Unreviewed · CVE-2023-52099 was published Jan 16, 2024

In ScaleFusion (Windows Desktop App) agent v10.5.2, Kiosk mode application restrictions can be...
High · Unreviewed · CVE-2023-50159 was published Jan 11, 2024

In Min before 1.31.0, local files are not correctly treated as unique security origins, which...
High · Unreviewed · CVE-2024-25677 was published Feb 9, 2024

Incorrect access control in QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 allows...
High · Unreviewed · CVE-2023-51065 was published Jan 13, 2024

Dell iDRAC Tools, version(s) prior to 11.3.0.0, contain(s) an Improper Access Control...
High · Unreviewed · CVE-2025-27689 was published Jun 12, 2025

This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12...
High · Unreviewed · CVE-2025-22157 was published May 20, 2025

Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of...
High · Unreviewed · CVE-2023-21901 was published Jan 17, 2024

Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally.
High · Unreviewed · CVE-2025-47962 was published Jun 10, 2025

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a...
High · Unreviewed · CVE-2025-33073 was published Jun 10, 2025

Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an...
High · Unreviewed · CVE-2025-33056 was published Jun 10, 2025