GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
136 advisories
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache...
Severity: High (Unreviewed)
CVE-2024-45195 was published Sep 4, 2024

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted...
Severity: Moderate (Unreviewed)
CVE-2021-26085 was published May 24, 2022

goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of...
Severity: High (Unreviewed)
CVE-2020-10181 was published May 24, 2022

A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/...
Severity: Moderate (Unreviewed)
CVE-2025-11280 was published Oct 5, 2025

Improper permission control vulnerability in the OXARI ServiceDesk application could allow an...
Severity: Critical (Unreviewed)
CVE-2025-1542 was published Mar 26, 2025

Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api...
Severity: Moderate (Unreviewed)
CVE-2025-59797 was published Sep 22, 2025

A vulnerability has been found in roncoo roncoo-pay up to...
Severity: Low (Unreviewed)
CVE-2025-10287 was published Sep 12, 2025

AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability. The issue may allow...
Severity: Moderate (Unreviewed)
CVE-2025-31971 was published Aug 28, 2025

In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint...
Severity: Moderate (Unreviewed)
CVE-2025-53073 was published Jun 26, 2025

Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If...
Severity: Moderate (Unreviewed)
CVE-2025-41404 was published Jun 26, 2025

Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within...
Severity: Moderate (Unreviewed)
CVE-2025-52920 was published Jun 23, 2025

A vulnerability classified as problematic has been found in code-projects Automated Voting System...
Severity: Moderate (Unreviewed)
CVE-2025-6352 was published Jun 20, 2025

Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN...
Severity: High (Unreviewed)
CVE-2022-36158 was published Sep 27, 2022

A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get...
Severity: High (Unreviewed)
CVE-2022-42238 was published Oct 11, 2022

The Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576) is affected by a password exposure...
Severity: Moderate (Unreviewed)
CVE-2022-40845 was published Nov 15, 2022

In Simple Exam Reviewer Management System v1.0 the User List function has improper access control...
Severity: Moderate (Unreviewed)
CVE-2022-42197 was published Oct 20, 2022

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET...
Severity: Moderate (Unreviewed)
CVE-2022-28365 was published Apr 10, 2022

Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct...
Severity: Moderate (Unreviewed)
CVE-2025-46690 was published Apr 28, 2025

An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated...
Severity: Critical (Unreviewed)
CVE-2022-45276 was published Nov 23, 2022

NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users...
Severity: Moderate (Unreviewed)
CVE-2025-27581 was published Apr 24, 2025

An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and...
Severity: Moderate (Unreviewed)
CVE-2025-2595 was published Apr 23, 2025

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FW_iB-LR7011A_1.0.2...
Severity: Critical (Unreviewed)
CVE-2017-14244 was published May 13, 2022

An unauthenticated user can access Identity Manager’s management console specific page URLs....
Severity: Moderate (Unreviewed)
CVE-2022-25626 was published Jul 6, 2023

Certain ZKTeco products (ZEM500-510-560-760, ZEM600-800, ZEM720, ZMM) allow access to sensitive...
Severity: High (Unreviewed)
CVE-2022-42953 was published Dec 25, 2022

The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via ...
Severity: High (Unreviewed)
CVE-2025-32367 was published Apr 11, 2025