GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,931 advisories
In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22...
High
Unreviewed
CVE-2022-42707 was published Nov 6, 2022
Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03...
High
Unreviewed
CVE-2025-46628 was published May 2, 2025
Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an...
Moderate
Unreviewed
CVE-2025-46629 was published May 2, 2025
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between...
High
Unreviewed
CVE-2025-46635 was published May 2, 2025
A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v...
High
Unreviewed
CVE-2025-46619 was published Apr 30, 2025
VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A...
Critical
Unreviewed
CVE-2022-31687 was published Nov 10, 2022
An attacker with local access to the system can make unauthorized modifications of the security...
High
Unreviewed
CVE-2021-26360 was published Jul 6, 2023
The Docker image of ownCloud Server through 10.11 contains a misconfiguration that renders the...
Moderate
Unreviewed
CVE-2022-43679 was published Nov 11, 2022
Insufficient access controls in the AMD Link Android app may potentially result in information...
High
Unreviewed
CVE-2022-27673 was published Nov 10, 2022
OpenFGA Authorization Bypass
Moderate
CVE-2025-46331 was published for github.com/openfga/openfga (Go) Apr 30, 2025
Improper access control of endpoint in HCL Domino Leap allows certain admin users to import...
Moderate
Unreviewed
CVE-2024-30146 was published May 1, 2025
A vulnerability was found in codeprojects News Publishing Site Dashboard 1.0. It has been rated...
Moderate
Unreviewed
CVE-2025-3969 was published Apr 27, 2025
A vulnerability was found in kuangstudy KuangSimpleBBS 1.0. It has been declared as critical....
Moderate
Unreviewed
CVE-2025-3830 was published Apr 20, 2025
Missing permissions check in Liferay Portal
Moderate
CVE-2022-42126 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
Vite allows server.fs.deny to be bypassed with .svg or relative paths
Moderate
CVE-2025-31486 was published for vite (npm) Apr 4, 2025
A vulnerability in the access control list (ACL) programming for port channel subinterfaces of...
Moderate
Unreviewed
CVE-2024-20291 was published Feb 29, 2024
Carel Boss Mini 1.5.0 has Improper Access Control.
Critical
Unreviewed
CVE-2022-34827 was published Nov 19, 2022
Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary...
High
Unreviewed
CVE-2022-45475 was published Nov 25, 2022
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access...
Critical
Unreviewed
CVE-2022-39070 was published Nov 22, 2022
A remote unauthenticated attacker may be able to change the IP address of the device, and...
High
Unreviewed
CVE-2025-32470 was published Apr 28, 2025
A vulnerability classified as critical has been found in youyiio BeyongCms 1.6.0. Affected is an...
Moderate
Unreviewed
CVE-2025-4006 was published Apr 28, 2025
An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4...
High
Unreviewed
CVE-2022-44037 was published Nov 29, 2022
In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change...
High
Unreviewed
CVE-2022-44211 was published Dec 2, 2022
Improper access control of endpoint in HCL Leap allows certain admin users to import applications...
Moderate
Unreviewed
CVE-2024-30148 was published Apr 24, 2025
In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.
Moderate
Unreviewed
CVE-2022-44212 was published Dec 2, 2022