GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,526
Composer 4,831
Erlang 36
GitHub Actions 33
Go 2,451
Maven 5,852
npm 4,073
NuGet 723
pip 3,868
Pub 12
RubyGems 943
Rust 1,010
Swift 39

Unreviewed advisories

All unreviewed 266,481

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

375 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain... Critical Unreviewed

CVE-2025-45615 was published May 5, 2025

BRCC Incorrect Access Control vulnerability Critical

CVE-2025-45616 was published for com.baidu.mapp:brcc-core (Maven) May 5, 2025

Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint. Critical Unreviewed

CVE-2024-48905 was published May 2, 2025

Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a... Critical Unreviewed

CVE-2025-28104 was published Apr 21, 2025

Incorrect access control in the HOME.php endpoint of JMBroadcast JMB0150 Firmware v1.0 allows... Critical Unreviewed

CVE-2025-28232 was published Apr 21, 2025

Incorrect access control in Orban OPTIMOD 5950 Firmware v1.0.0.2 and System v2.2.15 allows... Critical Unreviewed

CVE-2025-28229 was published Apr 21, 2025

Incorrect access control in Itel Electronics IP Stream v1.7.0.6 allows unauthorized attackers to... Critical Unreviewed

CVE-2025-28231 was published Apr 18, 2025

Incorrect access control in BW Broadcast TX600 (14980), TX300 (32990) (31448), TX150, TX1000,... Critical Unreviewed

CVE-2025-28233 was published Apr 18, 2025

A valid, authenticated user with sufficient privileges and who is aware of Continuous Compliance... Critical Unreviewed

CVE-2025-3113 was published Apr 17, 2025

Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 131.0... Critical Unreviewed

CVE-2025-1568 was published Apr 17, 2025

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access... Critical Unreviewed

CVE-2025-30281 was published Apr 8, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the... Critical Unreviewed

CVE-2025-28410 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the... Critical Unreviewed

CVE-2025-28413 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave... Critical Unreviewed

CVE-2025-28412 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameter Critical Unreviewed

CVE-2025-28406 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree... Critical Unreviewed

CVE-2025-28408 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter Critical Unreviewed

CVE-2025-28402 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus... Critical Unreviewed

CVE-2025-28405 was published Apr 7, 2025

An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method... Critical Unreviewed

CVE-2025-28411 was published Apr 7, 2025

A library injection issue was addressed with additional restrictions. This issue is fixed in... Critical Unreviewed

CVE-2025-30462 was published Apr 1, 2025

This issue was addressed with improved access restrictions. This issue is fixed in visionOS 2.4,... Critical Unreviewed

CVE-2025-30433 was published Apr 1, 2025

A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed

CVE-2025-24241 was published Apr 1, 2025

Incorrect access control in Adtran 411 ONT L80.00.0011.M2 allows unauthorized attackers to... Critical Unreviewed

CVE-2025-22940 was published Mar 31, 2025

Telesquare TLR-2005KSH 1.1.4 allows unauthorized password modification when requesting the admin... Critical Unreviewed

CVE-2025-26010 was published Mar 26, 2025

OpenDaylight SFC Allows Unauthorized Privileged Execution via Crafted Request Critical

CVE-2025-29315 was published for org.opendaylight.sfc:sfc-parent (Maven) Mar 24, 2025

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

375 advisories