Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,912
Erlang
39
GitHub Actions
38
Go
2,569
Maven
5,000+
npm
4,245
NuGet
754
pip
4,006
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
ChatLuck contains an insufficient granularity of access control vulnerability in Invitation of... Moderate Unreviewed
CVE-2025-54461 was published Oct 16, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 15.0 before 18.0.5, 18.1... Moderate Unreviewed
CVE-2025-7001 was published Jul 25, 2025
A missing double-check feature in the WebGUI for CLI deactivation in Infinera G42 version R6.1.3... Moderate Unreviewed
CVE-2025-27026 was published Jul 2, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-4979 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17... Moderate Unreviewed
CVE-2025-1278 was published May 9, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17... Moderate Unreviewed
CVE-2025-2408 was published Apr 10, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9... Moderate Unreviewed
CVE-2024-12619 was published Mar 28, 2025
The product implements access controls via a policy or other feature with the intention to... Moderate Unreviewed
CVE-2024-6696 was published Feb 20, 2025
Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow... Moderate Unreviewed
CVE-2024-39279 was published Feb 13, 2025
Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows®... Moderate Unreviewed
CVE-2024-21971 was published Feb 12, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to... Moderate Unreviewed
CVE-2024-11931 was published Jan 24, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows... Moderate Unreviewed
CVE-2024-13272 was published Jan 9, 2025
Outlook for Android Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-43604 was published Oct 8, 2024
Withdrawn Advisory: Lunary information disclosure vulnerability Moderate
CVE-2024-6867 was published for lunary (npm) Sep 13, 2024 withdrawn
hughcrt
Credited to hughcrt
lunary-ai/lunary Access Control Vulnerability in Prompt Variation Management Moderate
CVE-2024-5389 was published for lunary (npm) Jun 10, 2024 withdrawn
Improper authorization in zenml Moderate
CVE-2024-2035 was published for zenml (pip) Jun 6, 2024
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized... Moderate Unreviewed
CVE-2023-43040 was published May 14, 2024
Kimai API returns timesheet entries a user should not be authorized to view Moderate
CVE-2024-29200 was published for kimai/kimai (Composer) Mar 29, 2024
AstroGD
Credited to AstroGD
Insufficient Granularity of Access Control vulnerability in OpenText™ Service Management... Moderate Unreviewed
CVE-2023-32259 was published Mar 19, 2024
An access-control flaw was found in the OpenStack Designate component where private configuration... Moderate Unreviewed
CVE-2023-6725 was published Mar 15, 2024
The disabling function of the user registration page for Heimavista Rpage and Epage is not... Moderate Unreviewed
CVE-2024-2412 was published Mar 13, 2024
A flaw was found in openshift-logging LokiStack. The key used for caching is just the token,... Moderate Unreviewed
CVE-2023-4456 was published Aug 21, 2023
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test... Moderate Unreviewed
CVE-2023-39418 was published Aug 11, 2023
Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to... Moderate Unreviewed
CVE-2023-3227 was published Jun 14, 2023
usememos/memos has Insufficient Granularity of Access Control Moderate
CVE-2022-4813 was published for github.com/usememos/memos (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database