Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

346 advisories

Loading
Azure Networking Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-54914 was published Sep 5, 2025
Azure Bot Service Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55244 was published Sep 5, 2025
An issue was discovered in getrebuild/rebuild 4.0.4. The affected source code class is com... Critical Unreviewed
CVE-2025-50900 was published Aug 26, 2025
Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C... Critical Unreviewed
CVE-2025-29515 was published Aug 25, 2025
Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6... Critical Unreviewed
CVE-2025-29514 was published Aug 25, 2025
Voltronic Power ViewPower through 1.04-21353 and PowerShield Netguard before 1.04-23292 allows a... Critical Unreviewed
CVE-2022-43110 was published Aug 22, 2025
Incorrect access control in the doFilter function of my-site v1.0.2.RELEASE allows attackers to... Critical Unreviewed
CVE-2024-53496 was published Aug 22, 2025
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-53763 was published Aug 21, 2025
An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8... Critical Unreviewed
CVE-2024-45438 was published Aug 21, 2025
Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access... Critical Unreviewed
CVE-2024-57155 was published Aug 20, 2025
Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-57154 was published Aug 20, 2025
Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access... Critical Unreviewed
CVE-2024-57157 was published Aug 20, 2025
Institute-of-Current-Students 1.0 is vulnerable to Incorrect Access Control in the... Critical Unreviewed
CVE-2025-50870 was published Aug 1, 2025
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated... Critical Unreviewed
CVE-2025-26062 was published Jul 31, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43232 was published Jul 30, 2025
This issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia... Critical Unreviewed
CVE-2025-43233 was published Jul 30, 2025
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.6, macOS... Critical Unreviewed
CVE-2025-43194 was published Jul 30, 2025
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15... Critical Unreviewed
CVE-2025-43198 was published Jul 30, 2025
A configuration issue was addressed with additional restrictions. This issue is fixed in macOS... Critical Unreviewed
CVE-2025-43192 was published Jul 30, 2025
This issue was addressed by adding an additional prompt for user consent. This issue is fixed in... Critical Unreviewed
CVE-2025-43184 was published Jul 30, 2025
A privilege escalation vulnerability exists in the login.php functionality of meddream MedDream... Critical Unreviewed
CVE-2025-27724 was published Jul 28, 2025
An issue was discovered on IROAD Dashcam FX2 devices. Bypass of Device Pairing/Registration can... Critical Unreviewed
CVE-2025-30133 was published Jul 28, 2025
In Linksys E2500 3.0.04.002, the chroot_local_user option is enabled in the vsftpd configuration... Critical Unreviewed
CVE-2025-44654 was published Jul 21, 2025
In some mod_ssl configurations on Apache HTTP Server 2.4.35 through to 2.4.63, an access control... Critical Unreviewed
CVE-2025-23048 was published Jul 10, 2025
linjiashop <=0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT... Critical Unreviewed
CVE-2025-52101 was published Jul 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database