GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,545 advisories
A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical...
Moderate | Unreviewed | CVE-2025-1166 was published Feb 11, 2025
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the...
Moderate | Unreviewed | CVE-2025-1165 was published Feb 11, 2025
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker...
High | Unreviewed | CVE-2025-23090 was published Jan 22, 2025
An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial...
Moderate | Unreviewed | CVE-2019-20462 was published Nov 7, 2024
Lack of access control in ChallengeSolves (/api/v1/challenges/<challenge id>/solves) of CTFd v2.0...
Moderate | Unreviewed | CVE-2024-42988 was published Oct 9, 2024
Northern.tech Mender before 3.6.5 and 3.7.x before 3.7.5 has Incorrect Access Control.
Moderate | Unreviewed | CVE-2024-46948 was published Nov 8, 2024
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web...
Moderate | Unreviewed | CVE-2024-21150 was published Jul 17, 2024
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute...
High | Unreviewed | CVE-2013-0422 was published May 5, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-5076 was published May 17, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
Moderate | Unreviewed | CVE-2013-2423 was published May 17, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-1723 was published May 14, 2022
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-4681 was published May 14, 2022
Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. Unauthorized password...
High | Unreviewed | CVE-2024-46430 was published Feb 10, 2025
Tenda W18E V16.01.0.8(1625) is vulnerable to Incorrect Access Control. An attacker can send a...
High | Unreviewed | CVE-2024-46432 was published Feb 10, 2025
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to...
Moderate | Unreviewed | CVE-2015-4902 was published May 13, 2022
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE...
High | Unreviewed | CVE-2011-3544 was published May 14, 2022
Magento Improper Access Control
Moderate | CVE-2021-21020 was published for magento/community-edition (Composer) May 24, 2022
Incorrect Access Control in the Preview Function of Gleamtech FileVista 9.2.0.0 allows remote...
Critical | Unreviewed | CVE-2024-57249 was published Feb 7, 2025
Connect-CMS Access control vulnerability
Moderate | GHSA-5rjc-jc28-cwgg was published for opensource-workshop/connect-cms (Composer) Feb 7, 2025
Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint Management...
High | Unreviewed | CVE-2024-56889 was published Feb 7, 2025
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization...
Moderate | Unreviewed | CVE-2020-36831 was published Oct 16, 2024
An improper access control vulnerability may allow privilege escalation. This issue affects: *...
High | Unreviewed | CVE-2022-26389 was published Feb 7, 2025
The vulnerability has been reported to affect earlier versions of QTS. If exploited, this...
Critical | Unreviewed | CVE-2020-2506 was published May 24, 2022
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers...
Moderate | Unreviewed | CVE-2016-3715 was published May 14, 2022
A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0...
Moderate | Unreviewed | CVE-2025-0582 was published Jan 20, 2025