Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,325 advisories

Loading
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-53791 was published Sep 5, 2025
Improper access control in ImsService prior to SMR Sep-2025 Release 1 allows local attackers to... Moderate Unreviewed
CVE-2025-21031 was published Sep 5, 2025
Azure Networking Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-54914 was published Sep 5, 2025
Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability High Unreviewed
CVE-2025-55238 was published Sep 5, 2025
Azure Bot Service Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55244 was published Sep 5, 2025
In multiple functions of VpnManager.java, there is a possible cross-user data leak due to a logic... Moderate Unreviewed
CVE-2025-26424 was published Sep 4, 2025
A flaw has been found in CodeAstro Real Estate Management System 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2025-9941 was published Sep 4, 2025
A vulnerability has been found in CodeAstro Real Estate Management System 1.0. Affected is an... Moderate Unreviewed
CVE-2025-9942 was published Sep 4, 2025
Information disclosure Moderate Unreviewed
CVE-2025-36909 was published Sep 4, 2025
Jenkins global-build-stats Plugin missing permission check can result in graph IDs being enumerated Moderate
CVE-2025-58459 was published for org.jenkins-ci.plugins:global-build-stats (Maven) Sep 3, 2025
A security vulnerability has been detected in code-projects Mobile Shop Management System 1.0.... Moderate Unreviewed
CVE-2025-9841 was published Sep 3, 2025
Incorrect access control in Beakon Application before v5.4.3 allows authenticated attackers with... Moderate Unreviewed
CVE-2025-55373 was published Sep 2, 2025
The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities,... High Unreviewed
CVE-2025-54599 was published Sep 2, 2025
A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the... Moderate Unreviewed
CVE-2025-9795 was published Sep 2, 2025
A vulnerability was found in RemoteClinic up to 2.0. Impacted is an unknown function of the file ... Moderate Unreviewed
CVE-2025-9775 was published Sep 2, 2025
There is an Access Control Vulnerability in some HikCentral Professional versions. This could... High Unreviewed
CVE-2025-39247 was published Aug 29, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.2. An app... Low Unreviewed
CVE-2024-44271 was published Aug 29, 2025
Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4.0 firmware v16.03.10... Moderate Unreviewed
CVE-2025-57219 was published Aug 28, 2025
Contao applies improper access control in the back end voters Moderate
CVE-2025-57758 was published for contao/contao (Composer) Aug 28, 2025
Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside... Moderate Unreviewed
CVE-2025-25733 was published Aug 26, 2025
Incorrect access control in the EEPROM component of Kapsch TrafficCom RIS-9160 & RIS-9260... Moderate Unreviewed
CVE-2025-25732 was published Aug 26, 2025
A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected... Moderate Unreviewed
CVE-2025-9476 was published Aug 26, 2025
A flaw has been found in SourceCodester Human Resource Information System 1.0. Affected by this... Moderate Unreviewed
CVE-2025-9475 was published Aug 26, 2025
A vulnerability was identified in GreenCMS up to 2.3.0603. This affects an unknown part of the... Moderate Unreviewed
CVE-2025-9415 was published Aug 26, 2025
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the getThemeFileContent function. High Unreviewed
CVE-2025-29421 was published Aug 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database