Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,241
Maven
5,000+
npm
3,902
NuGet
701
pip
3,669
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,585 advisories

Loading
IBM Sterling Connect:Direct Web Services 6.1.0, 6.2.0, and 6.3.0 could allow an authenticated... Moderate Unreviewed
CVE-2024-49808 was published Apr 18, 2025
The Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products –... Moderate Unreviewed
CVE-2025-3453 was published Apr 17, 2025
Mattermost Incorrect Authorization vulnerability Moderate
CVE-2025-2564 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025
Mattermost Incorrect Authorization vulnerability Moderate
CVE-2025-27571 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025
Mattermost Incorrect Authorization vulnerability Low
CVE-2025-24839 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Low Unreviewed
CVE-2025-30703 was published Apr 15, 2025
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite ... Moderate Unreviewed
CVE-2025-21582 was published Apr 15, 2025
Mattermost Incorrect Authorization vulnerability Low
CVE-2025-2424 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 14, 2025
Mattermost Fails to Restrict Certain Operations on System Admins Moderate
CVE-2025-32093 was published for github.com/mattermost/mattermost-server (Go) Apr 14, 2025
Incorrect Authorization vulnerability in The Wikimedia Foundation Mediawiki - OAuth Extension... Critical Unreviewed
CVE-2025-32068 was published Apr 11, 2025
Mattermost Fails to Enforce Proper Access Controls on `/api/v4/audits` Endpoint Low
CVE-2025-24866 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 10, 2025
Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.1, contains an incorrect authorization... High Unreviewed
CVE-2025-26330 was published Apr 10, 2025
tendermint-rs's Light Client Verifier allows malicious validators to spoof votes from other validators High
GHSA-6jrf-4jv4-r9mw was published for tendermint-light-client-verifier (Rust) Apr 9, 2025
felix-asym
SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions... Moderate Unreviewed
CVE-2025-31331 was published Apr 8, 2025
GraphQL query operations security can be bypassed High
CVE-2025-31481 was published for api-platform/core (Composer) Apr 4, 2025
soyuka ausi
alanpoulain
Pexip Infinity Connect before 1.13.0 lacks sufficient authenticity checks during the loading of... Critical Unreviewed
CVE-2024-38392 was published Apr 2, 2025
Apache ActiveMQ Artemis User Without Create Address Permissions can Modify Address Routing-Type Low
CVE-2025-27427 was published for org.apache.activemq:artemis-server (Maven) Apr 1, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and... Low Unreviewed
CVE-2025-30469 was published Apr 1, 2025
This issue was addressed with improved data access restriction. This issue is fixed in visionOS 2... High Unreviewed
CVE-2025-24221 was published Apr 1, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-24233 was published Apr 1, 2025
Drupal Two-factor Authentication (TFA) Vulnerable to Forceful Browsing Low
CVE-2025-31694 was published for drupal/tfa (Composer) Apr 1, 2025
Drupal Core Vulnerable to Forceful Browsing Moderate
CVE-2025-31673 was published for drupal/core (Composer) Apr 1, 2025
HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before... High Unreviewed
CVE-2025-30093 was published Mar 27, 2025
An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior... High Unreviewed
CVE-2025-2242 was published Mar 27, 2025
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have... Moderate Unreviewed
CVE-2024-55965 was published Mar 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database