Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,912
Erlang
39
GitHub Actions
38
Go
2,569
Maven
5,000+
npm
4,245
NuGet
754
pip
4,006
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting... Low Unreviewed
CVE-2025-8053 was published Oct 20, 2025
Insufficient Granularity of Access Control vulnerability in opentext Flipper allows Exploiting... Low Unreviewed
CVE-2025-8049 was published Oct 20, 2025
ChatLuck contains an insufficient granularity of access control vulnerability in Invitation of... Moderate Unreviewed
CVE-2025-54461 was published Oct 16, 2025
A privilege escalation flaw from host to domain administrator was found in FreeIPA. This... Critical Unreviewed
CVE-2025-7493 was published Sep 30, 2025
Improper input validation in the system management mode (SMM) could allow a privileged attacker... High Unreviewed
CVE-2024-21947 was published Sep 6, 2025
HCL Connections contains a broken access control vulnerability that may allow unauthorized user... Low Unreviewed
CVE-2025-31961 was published Aug 15, 2025
An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1... Low Unreviewed
CVE-2025-2498 was published Aug 13, 2025
Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable... High Unreviewed
CVE-2025-22839 was published Aug 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1... Moderate Unreviewed
CVE-2025-7001 was published Jul 25, 2025
A vulnerability has been identified in the Now Platform that could result in data being inferred... High Unreviewed
CVE-2025-3648 was published Jul 8, 2025
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3... Moderate Unreviewed
CVE-2025-27026 was published Jul 2, 2025
A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The... Critical Unreviewed
CVE-2025-4404 was published Jun 17, 2025
An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11... Low Unreviewed
CVE-2025-5982 was published Jun 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-4979 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17... Moderate Unreviewed
CVE-2025-1278 was published May 9, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17... Moderate Unreviewed
CVE-2025-2408 was published Apr 10, 2025
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. High Unreviewed
CVE-2024-33058 was published Apr 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0... High Unreviewed
CVE-2025-29987 was published Apr 3, 2025
Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics High
CVE-2023-27591 was published for miniflux.app (Go) Apr 2, 2025
40826d fguillot
Credited to 40826d and fguillot
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9... Moderate Unreviewed
CVE-2024-12619 was published Mar 28, 2025
A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and... High Unreviewed
CVE-2025-20111 was published Feb 26, 2025
The product implements access controls via a policy or other feature with the intention to... Moderate Unreviewed
CVE-2024-6696 was published Feb 20, 2025
Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow... Moderate Unreviewed
CVE-2024-39279 was published Feb 13, 2025
Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows®... Moderate Unreviewed
CVE-2024-21971 was published Feb 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database