GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,109
Composer 4,884
Erlang 37
GitHub Actions 38
Go 2,546
Maven 5,998
npm 4,207
NuGet 743
pip 3,979
Pub 12
RubyGems 947
Rust 1,034
Swift 45

Unreviewed advisories

All unreviewed 272,388

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

102 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3... Low Unreviewed

CVE-2025-10871 was published Sep 26, 2025

The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for... Low Unreviewed

CVE-2025-10173 was published Sep 26, 2025

Missing Authorization vulnerability in codepeople CP Multi View Event Calendar allows Exploiting... Low Unreviewed

CVE-2025-58009 was published Sep 22, 2025

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an... Low Unreviewed

CVE-2025-42914 was published Sep 9, 2025

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an... Low Unreviewed

CVE-2025-42913 was published Sep 9, 2025

When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import")... Low Unreviewed

CVE-2024-5899 was published Jun 18, 2024

In multiple locations, there is a possible way to view icons belonging to another user due to a... Low Unreviewed

CVE-2025-0076 was published Sep 4, 2025

Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor allows... Low Unreviewed

CVE-2025-58816 was published Sep 5, 2025

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network... Low Unreviewed

CVE-2025-42955 was published Aug 12, 2025

An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0... Low Unreviewed

CVE-2025-5846 was published Jun 26, 2025

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6... Low Unreviewed

CVE-2023-5600 was published Jun 20, 2025

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0... Low Unreviewed

CVE-2024-54020 was published May 28, 2025

Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse... Low Unreviewed

CVE-2025-48009 was published May 21, 2025

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the... Low Unreviewed

CVE-2022-42903 was published Nov 18, 2022

In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location... Low Unreviewed

CVE-2022-20240 was published Dec 13, 2022

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding... Low Unreviewed

CVE-2017-17807 was published May 13, 2022

The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins... Low Unreviewed

CVE-2017-5930 was published May 13, 2022

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass... Low Unreviewed

CVE-2022-20529 was published Dec 20, 2022

Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an... Low Unreviewed

CVE-2024-4317 was published May 14, 2024

A Broken Object Level Authorization vulnerability in the component /households/permissions of hay... Low Unreviewed

CVE-2024-55070 was published Mar 27, 2025

Missing Authorization vulnerability in fatcatapps Quiz Cat allows Exploiting Incorrectly... Low Unreviewed

CVE-2025-30877 was published Mar 27, 2025

In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on... Low Unreviewed

CVE-2025-0526 was published Feb 11, 2025

The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an... Low Unreviewed

CVE-2025-27432 was published Mar 11, 2025

SAP Just In Time(JIT) does not perform necessary authorization checks for an authenticated user,... Low Unreviewed

CVE-2025-26655 was published Mar 11, 2025

In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible... Low Unreviewed

CVE-2024-54153 was published Dec 4, 2024

Previous1…5 Next

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

102 advisories