Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

951 advisories

Loading
Auth. (subscriber+) Messaging Block Bypass vulnerability in Better Messages plugin <= 1.9.10.69... Moderate Unreviewed
CVE-2022-40216 was published Nov 19, 2022
IBM Cognos Controller 11.0.0 through 11.0.1 FP3 and IBM Controller 11.1.0 could allow an... Moderate Unreviewed
CVE-2024-45081 was published Feb 19, 2025
Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0. A highly trusted role (Config... Moderate Unreviewed
CVE-2024-39328 was published Feb 18, 2025
An improper access control vulnerability in sec_log file prior to SMR MAR-2021 Release 1 exposes... Moderate Unreviewed
CVE-2021-25369 was published May 24, 2022
app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a GUI attribute search. Moderate Unreviewed
CVE-2024-57969 was published Feb 14, 2025
Improper Authorization in GitLab CE/EE affecting all versions from 17.7 prior to 17.7.4, 17.8... Moderate Unreviewed
CVE-2025-0516 was published Feb 12, 2025
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. The device allows unauthenticated... Moderate Unreviewed
CVE-2023-25415 was published Apr 11, 2023
An issue has been discovered in GitLab affecting all versions starting from 13.6 before 15.8.5,... Moderate Unreviewed
CVE-2023-0319 was published Apr 5, 2023
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... Moderate Unreviewed
CVE-2025-24421 was published Feb 11, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... Moderate Unreviewed
CVE-2025-24419 was published Feb 11, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are... Moderate Unreviewed
CVE-2025-24420 was published Feb 11, 2025
An issue has been discovered in GitLab affecting all versions starting from 15.9 before 15.9.4,... Moderate Unreviewed
CVE-2023-1417 was published Apr 5, 2023
The ABAP Build Framework in SAP ABAP Platform allows an authenticated attacker to gain... Moderate Unreviewed
CVE-2025-24872 was published Feb 11, 2025
SAP NetWeaver Application Server Java allows an attacker to access an endpoint that can disclose... Moderate Unreviewed
CVE-2025-24869 was published Feb 11, 2025
An issue has been discovered in GitLab affecting all versions from 15.5 before 15.8.5, all... Moderate Unreviewed
CVE-2023-1071 was published Apr 5, 2023
An error when handling authorization related to the import / export interfaces on the RISC... Moderate Unreviewed
CVE-2021-41528 was published Feb 7, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition... Moderate Unreviewed
CVE-2025-21502 was published Jan 21, 2025
A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13... Moderate Unreviewed
CVE-2024-54488 was published Jan 28, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24114 was published Jan 28, 2025
In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side Enforcement of Server-Side Security... Moderate Unreviewed
CVE-2024-42013 was published Jan 22, 2025
Vulnerability in Oracle Application Express (component: General). Supported versions that are... Moderate Unreviewed
CVE-2025-21557 was published Jan 21, 2025
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle... Moderate Unreviewed
CVE-2025-21563 was published Jan 21, 2025
Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft (component... Moderate Unreviewed
CVE-2025-21561 was published Jan 21, 2025
Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences... Moderate Unreviewed
CVE-2025-21570 was published Jan 21, 2025
Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion ... Moderate Unreviewed
CVE-2025-21569 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database