GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,094
Composer 4,792
Erlang 36
GitHub Actions 29
Go 2,377
Maven 5,712
npm 4,002
NuGet 720
pip 3,802
Pub 12
RubyGems 927
Rust 984
Swift 38

Unreviewed advisories

All unreviewed 262,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,009 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In Splunk Enterprise versions below 9.4.2, 9.3.5, 9.2.6, and 9.1.9 and Splunk Cloud Platform... Moderate Unreviewed

CVE-2025-20300 was published Jul 7, 2025

Adobe Commerce versions 2.4.8, 2.4.7-p5, 2.4.6-p10, 2.4.5-p12, 2.4.4-p13 and earlier are affected... Moderate Unreviewed

CVE-2025-49550 was published Jun 26, 2025

A vulnerability, which was classified as problematic, was found in linlinjava litemall 1.8.0.... Moderate Unreviewed

CVE-2025-6702 was published Jun 26, 2025

Under certain conditions, an authenticated user request may execute with stale privileges... Moderate Unreviewed

CVE-2025-6707 was published Jun 26, 2025

An incorrect authorization vulnerability exists in multiple WSO2 products that allows... Moderate Unreviewed

CVE-2024-3511 was published Jun 23, 2025

Yealink YMCS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts,... Moderate Unreviewed

CVE-2025-52918 was published Jun 22, 2025

The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-3880 was published Jun 17, 2025

The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due... Moderate Unreviewed

CVE-2025-6003 was published Jun 12, 2025

The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing ... Moderate Unreviewed

CVE-2024-8270 was published Jun 11, 2025

Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization... Moderate Unreviewed

CVE-2025-36578 was published Jun 10, 2025

A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed

CVE-2025-40568 was published Jun 10, 2025

Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and... Moderate Unreviewed

CVE-2025-49599 was published Jun 6, 2025

An incorrect authorization vulnerability exists in multiple WSO2 products due to a flaw in the... Moderate Unreviewed

CVE-2024-7097 was published May 30, 2025

IBM Security Guardium 12.0 could allow an authenticated user to obtain sensitive information due... Moderate Unreviewed

CVE-2025-25026 was published May 28, 2025

A low-privileged user is able to obtain information about tasks executed on devices controlled by... Moderate Unreviewed

CVE-2025-1415 was published May 21, 2025

A vulnerability in an API subsystem of Cisco Secure Network Analytics Manager and Cisco Secure... Moderate Unreviewed

CVE-2025-20257 was published May 21, 2025

A low-privileged user can access information about profiles created in Proget MDM (Mobile Device... Moderate Unreviewed

CVE-2025-1418 was published May 21, 2025

In Proget MDM, a low-privileged user can access information about changes contained in backups of... Moderate Unreviewed

CVE-2025-1417 was published May 21, 2025

The MultiVendorX – WooCommerce Multivendor Marketplace Solutions plugin for WordPress is... Moderate Unreviewed

CVE-2025-4101 was published May 17, 2025

A logic issue was addressed with improved checks. This issue is fixed in iOS 18.5 and iPadOS 18.5... Moderate Unreviewed

CVE-2025-31227 was published May 13, 2025

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.6, macOS... Moderate Unreviewed

CVE-2025-30440 was published May 13, 2025

Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability... Moderate Unreviewed

CVE-2025-3272 was published May 7, 2025

The Reales WP STPT plugin for WordPress is vulnerable to unauthorized user registration in all... Moderate Unreviewed

CVE-2025-3609 was published May 6, 2025

The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-3861 was published Apr 25, 2025

In Sherpa Orchestrator 141851, a low-privileged user can elevate their privileges by creating new... Moderate Unreviewed

CVE-2025-46544 was published Apr 25, 2025

Previous 1 2 3 4 5 … 40 41 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,009 advisories