GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 44
GitHub Actions: 46
Go: 3,270
Maven: 5,000+
npm: 5,000+
NuGet: 867
pip: 4,517
Pub: 12
RubyGems: 998
Rust: 1,194
Swift: 51
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
275 advisories
An arbitrary file upload vulnerability in the component /server/executeExec of JEHC-BPM v2.0.1...
Critical, Unreviewed. CVE-2025-45854 was published Jun 3, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma...
Critical, Unreviewed. CVE-2025-30448 was published May 13, 2025
An issue was discovered in Znuny before 7.1.4. Permissions are not checked properly when using...
Critical, Unreviewed. CVE-2025-26846 was published May 12, 2025
Incorrect access control in Victure RX1800 EN_V1.0.0_r12_110933 allows attackers to enable SSH...
Critical, Unreviewed. CVE-2025-28202 was published May 9, 2025
A vulnerability in the S3 bucket configuration for h2oai/h2o-3 allows public write access to the ...
Critical, Unreviewed. CVE-2025-0782 was published May 2, 2025
Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not require a password by default,...
Critical, Unreviewed. CVE-2025-3927 was published May 2, 2025
The OTP-less one tap Sign in plugin for WordPress is vulnerable to privilege escalation via...
Critical, Unreviewed. CVE-2025-3746 was published May 2, 2025
The Flynax Bridge plugin for WordPress is vulnerable to privilege escalation via account takeover...
Critical, Unreviewed. CVE-2025-3604 was published Apr 24, 2025
A vulnerability in the cmdb service of the HPE Performance Cluster Manager (HPCM) could allow an...
Critical, Unreviewed. CVE-2025-37087 was published Apr 22, 2025
An issue in the login page of Seclore v3.27.5.0 allows attackers to bypass authentication via a...
Critical, Unreviewed. CVE-2024-53591 was published Apr 18, 2025
An authentication issue was addressed with improved state management. This issue is fixed in...
Critical, Unreviewed. CVE-2025-31194 was published Apr 1, 2025
This issue was addressed with improved handling of symlinks. This issue is fixed in visionOS 2.4,...
Critical, Unreviewed. CVE-2025-31182 was published Apr 1, 2025
An access issue was addressed with additional sandbox restrictions on the system pasteboards....
Critical, Unreviewed. CVE-2025-30461 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Ventura...
Critical, Unreviewed. CVE-2025-24259 was published Apr 1, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in...
Critical, Unreviewed. CVE-2025-24249 was published Apr 1, 2025
This issue was addressed by adding a delay between verification code attempts. This issue is...
Critical, Unreviewed. CVE-2025-24245 was published Apr 1, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS...
Critical, Unreviewed. CVE-2025-24181 was published Apr 1, 2025
The Checkout Mestres do WP for WooCommerce plugin for WordPress is vulnerable to unauthorized...
Critical, Unreviewed. CVE-2025-2266 was published Mar 29, 2025
In lunary-ai/lunary version v1.4.28, the /bigquery API route lacks proper access control,...
Critical, Unreviewed. CVE-2024-9095 was published Mar 20, 2025
lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST ...
Critical, Unreviewed. CVE-2024-8999 was published Mar 20, 2025
The Altair theme for WordPress is vulnerable to unauthorized modification of data that can lead...
Critical, Unreviewed. CVE-2024-12922 was published Mar 19, 2025
The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege...
Critical, Unreviewed. CVE-2024-12876 was published Mar 7, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923...
Critical, Unreviewed. CVE-2025-27666 was published Mar 5, 2025
The Newscrunch theme for WordPress is vulnerable to arbitrary file uploads due to a missing...
Critical, Unreviewed. CVE-2025-1307 was published Mar 4, 2025
Missing Authorization vulnerability in NotFound Residential Address Detection allows Privilege...
Critical, Unreviewed. CVE-2025-27270 was published Mar 3, 2025
ProTip! Advisories are also available from the GraphQL API.