GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,411
Erlang: 33
GitHub Actions: 22
Go: 2,146
Maven: 5,000+
npm: 3,808
NuGet: 687
pip: 3,481
Pub: 12
RubyGems: 897
Rust: 899
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
1,038 advisories
In XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which...
High | Unreviewed | CVE-2024-38291 was published Feb 28, 2025
An issue has been discovered in GitLab EE affecting all versions starting from 15.1 before 15.7.8...
High | Unreviewed | CVE-2022-4331 was published Mar 10, 2023
Mautic vulnerable to Improper Access Control in UI upgrade process
High | CVE-2022-25768 was published for mautic/core (Composer) Sep 18, 2024
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker...
High | Unreviewed | CVE-2025-23083 was published Jan 22, 2025
Magento Improper Access Control vulnerability
High | CVE-2025-24411 was published for magento/community-edition (Composer) Feb 11, 2025
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login
High | CVE-2025-23389 was published for github.com/rancher/rancher (Go) Feb 27, 2025
Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0...
High | Unreviewed | CVE-2024-12368 was published Feb 25, 2025
Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows...
High | Unreviewed | CVE-2024-36259 was published Feb 25, 2025
Improper access control in some Intel(R) Optane(TM) PMem 100 Series Management Software before...
High | Unreviewed | CVE-2023-22311 was published Feb 20, 2025
Improper access control in some Intel(R) Optane(TM) PMem software before versions 01.00.00.3547,...
High | Unreviewed | CVE-2023-27517 was published Feb 20, 2025
An improper access control vulnerability in Power Pages allows an unauthorized attacker to...
High | Unreviewed | CVE-2025-24989 was published Feb 20, 2025
Sage DPW before 2024_12_001 is vulnerable to Incorrect Access Control. The implemented role-based...
High | Unreviewed | CVE-2024-56883 was published Feb 18, 2025
Red Gate SQL Monitor 11.0.14 through 12.1.46 has Incorrect Access Control, exploitable remotely...
High | Unreviewed | CVE-2022-47542 was published Mar 30, 2023
The VTEX [email protected] GraphQL API module does not properly restrict unauthorized access to...
High | Unreviewed | CVE-2023-28877 was published Mar 31, 2023
Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated
High | CVE-2024-22234 was published for org.springframework.security:spring-security-core (Maven) Feb 20, 2024
When the directory containing the installer does not have sufficiently restrictive file...
High | Unreviewed | CVE-2022-43702 was published Jul 28, 2023
Improper access control in some Intel(R) Graphics software may allow an authenticated user to...
High | Unreviewed | CVE-2024-37355 was published Feb 13, 2025
Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2025-24042 was published Feb 11, 2025
Windows Kernel Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2025-21359 was published Feb 11, 2025
Improper access control vulnerability in Buffalo network devices allows a network-adjacent...
High | Unreviewed | CVE-2023-24544 was published Apr 11, 2023
With the aid of the diagnostics_channel utility, an event can be hooked into whenever a worker...
High | Unreviewed | CVE-2025-23090 was published Jan 22, 2025
Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute...
High | Unreviewed | CVE-2013-0422 was published May 5, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-5076 was published May 17, 2022
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-1723 was published May 14, 2022
Multiple vulnerabilities in the Java Runtime Environment (JRE) component in Oracle Java SE 7...
High | Unreviewed | CVE-2012-4681 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API.