GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,259
Composer 4,354
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,293
npm 3,779
NuGet 681
pip 3,460
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,854

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

238 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability classified as problematic was found in Mindskip xzs-mysql 学之思开源考试系统 3.9.0.... Low Unreviewed

CVE-2025-1083 was published Feb 7, 2025

Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated... Moderate Unreviewed

CVE-2023-29868 was published May 2, 2023

Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and... Moderate Unreviewed

CVE-2023-2445 was published May 2, 2023

Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker... Moderate Unreviewed

CVE-2023-29867 was published May 2, 2023

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13... Moderate Unreviewed

CVE-2023-27932 was published May 8, 2023

This issue was addressed with a new entitlement. This issue is fixed in macOS Ventura 13.3, macOS... High Unreviewed

CVE-2023-27944 was published May 8, 2023

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3,... Moderate Unreviewed

CVE-2023-27962 was published May 8, 2023

In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining... Low Unreviewed

CVE-2024-57965 was published Jan 29, 2025

A vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of... Moderate Unreviewed

CVE-2023-28318 was published May 10, 2023

Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05 and earlier... High Unreviewed

CVE-2023-23578 was published May 10, 2023

There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate... Moderate Unreviewed

CVE-2024-22062 was published Jul 9, 2024

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed

CVE-2025-21511 was published Jan 21, 2025

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Moderate Unreviewed

CVE-2024-21245 was published Jan 21, 2025

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed

CVE-2025-21497 was published Jan 21, 2025

Vulnerability in the Oracle Communications Order and Service Management product of Oracle... Moderate Unreviewed

CVE-2025-21542 was published Jan 21, 2025

A ZigBee coordinator, router, or end device may change their node ID when an unsolicited... Moderate Unreviewed

CVE-2024-7322 was published Jan 15, 2025

Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated... Moderate Unreviewed

CVE-2023-23561 was published May 30, 2023

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0... Moderate Unreviewed

CVE-2023-46715 was published Jan 14, 2025

The Call Blocker application 6.6.3 for Android allows attackers to tamper with feature-related... Critical Unreviewed

CVE-2023-29728 was published May 31, 2023

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent... High Unreviewed

CVE-2023-29745 was published May 31, 2023

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a persistent... High Unreviewed

CVE-2023-29743 was published May 31, 2023

Incorrect access control in luowice v3.5.18 allows attackers to access cloud source code... High Unreviewed

CVE-2023-33740 was published May 31, 2023

Prestashop salesbooster <= 1.10.4 is vulnerable to Incorrect Access Control via modules... High Unreviewed

CVE-2023-30196 was published May 30, 2023

Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the... Moderate Unreviewed

CVE-2025-23109 was published Jan 11, 2025

An issue in South River Technologies TitanFTP Before v2.0.1.2102 allows attackers with low-level... High Unreviewed

CVE-2023-27745 was published Jun 2, 2023

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

238 advisories