GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,494
Composer 4,688
Erlang 34
GitHub Actions 26
Go 2,274
Maven 5,548
npm 3,930
NuGet 706
pip 3,696
Pub 12
RubyGems 919
Rust 955
Swift 38

Unreviewed advisories

All unreviewed 255,030

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,040 advisories

Filter by severity

Sort by

Least recently updated

Memory corruption while processing image encoding, when input buffer length is 0 in IOCTL call. High Unreviewed

CVE-2025-21469 was published May 6, 2025

Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. High Unreviewed

CVE-2025-21470 was published May 6, 2025

Clustered Data ONTAP versions 9.11.1 through 9.11.1P2 with SnapLock configured FlexGroups are... High Unreviewed

CVE-2022-23241 was published Oct 19, 2022

Improper access control in Azure allows an unauthorized attacker to disclose information over a... High Unreviewed

CVE-2025-33072 was published May 9, 2025

OcoMon 4.0RC1 is vulnerable to Incorrect Access Control. Through a request the user can obtain... High Unreviewed

CVE-2022-40798 was published Oct 19, 2022

Improper Access Control in System Management Mode (SMM) may allow an attacker access to the SPI... High Unreviewed

CVE-2023-20587 was published Feb 13, 2024

Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers... High Unreviewed

CVE-2025-45609 was published May 5, 2025

Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to... High Unreviewed

CVE-2025-45613 was published May 5, 2025

Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows... High Unreviewed

CVE-2025-45608 was published May 5, 2025

Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows... High Unreviewed

CVE-2025-45610 was published May 5, 2025

.NET Elevation of Privilege Vulnerability High Unreviewed

CVE-2025-21173 was published Jan 14, 2025

Memory corruption during memory mapping into protected VM address space due to incorrect API... High Unreviewed

CVE-2024-49842 was published May 6, 2025

Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to... High Unreviewed

CVE-2025-45614 was published May 5, 2025

Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows... High Unreviewed

CVE-2025-45617 was published May 5, 2025

Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to... High Unreviewed

CVE-2025-45237 was published May 5, 2025

x86: unintended memory sharing between guests On Intel systems that support the "virtualize APIC... High Unreviewed

CVE-2022-42327 was published Nov 1, 2022

In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22... High Unreviewed

CVE-2022-42707 was published Nov 6, 2022

Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03... High Unreviewed

CVE-2025-46628 was published May 2, 2025

An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between... High Unreviewed

CVE-2025-46635 was published May 2, 2025

A security issue has been discovered in Couchbase Server before 7.6.4 and fixed in v.7.6.4 and v... High Unreviewed

CVE-2025-46619 was published Apr 30, 2025

An attacker with local access to the system can make unauthorized modifications of the security... High Unreviewed

CVE-2021-26360 was published Jul 6, 2023

Insufficient access controls in the AMD Link Android app may potentially result in information... High Unreviewed

CVE-2022-27673 was published Nov 10, 2022

Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary... High Unreviewed

CVE-2022-45475 was published Nov 25, 2022

A remote unauthenticated attacker may be able to change the IP adress of the device, and... High Unreviewed

CVE-2025-32470 was published Apr 28, 2025

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4... High Unreviewed

CVE-2022-44037 was published Nov 29, 2022

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,040 advisories