GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,871
Composer 4,474
Erlang 33
GitHub Actions 24
Go 2,198
Maven 5,426
npm 3,843
NuGet 696
pip 3,632
Pub 12
RubyGems 911
Rust 912
Swift 38

Unreviewed advisories

All unreviewed 248,773

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,696 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this... Moderate Unreviewed

CVE-2025-2706 was published Mar 24, 2025

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the... Moderate Unreviewed

CVE-2025-2705 was published Mar 24, 2025

A vulnerability, which was classified as critical, has been found in Softwin WMX3 3.1. This issue... Moderate Unreviewed

CVE-2025-2702 was published Mar 24, 2025

A vulnerability classified as critical has been found in PHPGurukul eLearning System 1.0.... Moderate Unreviewed

CVE-2025-2687 was published Mar 24, 2025

A vulnerability was found in Yue Lao Blind Box 月老盲盒 up to 4.0. It has been declared as critical.... Moderate Unreviewed

CVE-2025-2671 was published Mar 24, 2025

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been... Moderate Unreviewed

CVE-2025-2606 was published Mar 21, 2025

A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated... Moderate Unreviewed

CVE-2025-2607 was published Mar 21, 2025

PipeCD Vulnerable to Privilege Escalation High

CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025

LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control which allows attackers to... High Unreviewed

CVE-2024-53348 was published Mar 21, 2025

An IDOR vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to view any files. The... Moderate Unreviewed

CVE-2024-9617 was published Mar 20, 2025

In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where... High Unreviewed

CVE-2024-9098 was published Mar 20, 2025

lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST ... Critical Unreviewed

CVE-2024-8999 was published Mar 20, 2025

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy,... High Unreviewed

CVE-2024-8613 was published Mar 20, 2025

In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create... Moderate Unreviewed

CVE-2024-8057 was published Mar 20, 2025

Aim Improper Access Control Moderate

CVE-2024-8238 was published for aim (pip) Mar 20, 2025

A broken access control vulnerability exists in lunary-ai/lunary versions 1.2.7 through 1.4.2.... Moderate Unreviewed

CVE-2024-7476 was published Mar 20, 2025

An improper access control vulnerability exists in danswer-ai/danswer version v0.3.94. This... Moderate Unreviewed

CVE-2024-7767 was published Mar 20, 2025

In version v0.3.8 of open-webui/open-webui, there is an improper access control vulnerability. On... Moderate Unreviewed

CVE-2024-7040 was published Mar 20, 2025

Due to a lack of access control, unauthorized users are able to view and modify information... High Unreviewed

CVE-2024-2292 was published Mar 20, 2025

In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a... High Unreviewed

CVE-2024-11300 was published Mar 20, 2025

GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site... High Unreviewed

CVE-2024-10956 was published Mar 20, 2025

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in automatic1111/stable-diffusion-webui... Critical Unreviewed

CVE-2024-11045 was published Mar 20, 2025

An Insecure Direct Object Reference (IDOR) vulnerability exists in the `PATCH /v1/runs/:id/score`... High Unreviewed

CVE-2024-11137 was published Mar 20, 2025

An improper access control vulnerability in danny-avila/librechat versions prior to 0.7.6 allows... Critical Unreviewed

CVE-2024-11167 was published Mar 20, 2025

In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control,... Moderate Unreviewed

CVE-2024-10330 was published Mar 20, 2025

Previous 1 2 3 4 5 … 107 108 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,696 advisories