Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,007 advisories

Loading
Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected... Moderate Unreviewed
CVE-2025-49550 was published Jun 26, 2025
Under certain conditions, an authenticated user request may execute with stale privileges... Moderate Unreviewed
CVE-2025-6707 was published Jun 26, 2025
An incorrect authorization vulnerability exists in multiple WSO2 products that allows... Moderate Unreviewed
CVE-2024-3511 was published Jun 23, 2025
Yealink YMCS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts,... Moderate Unreviewed
CVE-2025-52918 was published Jun 22, 2025
A logic issue was addressed with improved checks This issue is fixed in macOS Sonoma 14. A camera... Moderate Unreviewed
CVE-2023-41994 was published Jan 11, 2024
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3880 was published Jun 17, 2025
Vulnerability in Oracle Java SE (component: CORBA). Supported versions that are affected are... Moderate Unreviewed
CVE-2023-22067 was published Oct 18, 2023
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.1. An app... Moderate Unreviewed
CVE-2023-41077 was published Oct 25, 2023
The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due... Moderate Unreviewed
CVE-2025-6003 was published Jun 12, 2025
The WooCommerce WordPress plugin before 6.2.1 does not have proper authorisation check when... Moderate Unreviewed
CVE-2022-0775 was published Jan 16, 2024
The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing ... Moderate Unreviewed
CVE-2024-8270 was published Jun 11, 2025
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Moderate Unreviewed
CVE-2023-43609 was published Feb 9, 2024
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization... Moderate Unreviewed
CVE-2025-36578 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed
CVE-2025-40568 was published Jun 10, 2025
Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and... Moderate Unreviewed
CVE-2025-49599 was published Jun 6, 2025
The Print Labels with Barcodes. Create price tags, product labels, order labels for WooCommerce... Moderate Unreviewed
CVE-2024-1677 was published May 2, 2024
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28406 was published May 24, 2022
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28404 was published May 24, 2022
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. There is improper... Moderate Unreviewed
CVE-2018-10212 was published May 13, 2022
An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed
CVE-2024-7097 was published May 30, 2025
An issue was discovered in Telindus Apsal 3.14.2022.235 b. Unauthorized actions that could modify... Moderate Unreviewed
CVE-2023-26097 was published Apr 24, 2023
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6... Moderate Unreviewed
CVE-2020-28401 was published May 24, 2022
A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive... Moderate Unreviewed
CVE-2024-10306 was published Apr 23, 2025
IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due... Moderate Unreviewed
CVE-2025-25026 was published May 28, 2025
Inappropriate implementation in Site Isolation in Google Chrome prior to 105.0.5195.52 allowed a... Moderate Unreviewed
CVE-2022-3044 was published Sep 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database