GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,040 advisories
Improper access control in Azure allows an unauthorized attacker to disclose information over a...
High
Unreviewed
CVE-2025-33072
was published
May 9, 2025
Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter.
High
Unreviewed
CVE-2025-21470
was published
May 6, 2025
Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call.
High
Unreviewed
CVE-2025-21469
was published
May 6, 2025
Memory corruption during memory mapping into protected VM address space due to incorrect API...
High
Unreviewed
CVE-2024-49842
was published
May 6, 2025
Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to...
High
Unreviewed
CVE-2025-45614
was published
May 5, 2025
Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows...
High
Unreviewed
CVE-2025-45617
was published
May 5, 2025
Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to...
High
Unreviewed
CVE-2025-45613
was published
May 5, 2025
Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows...
High
Unreviewed
CVE-2025-45608
was published
May 5, 2025
Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers...
High
Unreviewed
CVE-2025-45609
was published
May 5, 2025
Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows...
High
Unreviewed
CVE-2025-45610
was published
May 5, 2025
Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to...
High
Unreviewed
CVE-2025-45237
was published
May 5, 2025
An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between...
High
Unreviewed
CVE-2025-46635
was published
May 2, 2025
Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03...
High
Unreviewed
CVE-2025-46628
was published
May 2, 2025
A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v...
High
Unreviewed
CVE-2025-46619
was published
Apr 30, 2025
A remote unauthenticated attacker may be able to change the IP address of the device, and...
High
Unreviewed
CVE-2025-32470
was published
Apr 28, 2025
Codemers KLIMS 1.6.DEV lacks a proper access control mechanism, allowing a normal KLIMS user to...
High
Unreviewed
CVE-2025-43947
was published
Apr 22, 2025
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are...
High
Unreviewed
CVE-2025-30736
was published
Apr 15, 2025
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Core). ...
High
Unreviewed
CVE-2025-30728
was published
Apr 15, 2025
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle...
High
Unreviewed
CVE-2025-30735
was published
Apr 15, 2025
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management...
High
Unreviewed
CVE-2025-30707
was published
Apr 15, 2025
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). ...
High
Unreviewed
CVE-2025-30712
was published
Apr 15, 2025
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The...
High
Unreviewed
CVE-2025-30690
was published
Apr 15, 2025
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
High
Unreviewed
CVE-2025-21587
was published
Apr 15, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access...
High
Unreviewed
CVE-2025-30288
was published
Apr 8, 2025
Improper access control in Active Directory Domain Services allows an authorized attacker to...
High
Unreviewed
CVE-2025-29810
was published
Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API.