Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,465
Erlang
33
GitHub Actions
22
Go
2,165
Maven
5,000+
npm
3,823
NuGet
696
pip
3,503
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,619 advisories

Loading
Improper access control in web extension restriction feature in Devolutions Server 2024.3.13 and... Unknown Unreviewed
CVE-2025-2280 was published Mar 13, 2025
Improper access control in temporary access requests and checkout requests endpoints in... Unknown Unreviewed
CVE-2025-2278 was published Mar 13, 2025
AlekSIS-Core is vulnerable to Incorrect Access Control. Unauthenticated users can access all PDF... Moderate Unreviewed
CVE-2025-25683 was published Mar 12, 2025
A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS... Moderate Unreviewed
CVE-2025-20144 was published Mar 12, 2025
The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2024-13430 was published Mar 12, 2025
A vulnerability was found in LoveCards LoveCardsV2 up to 2.3.2 and classified as critical. This... Moderate Unreviewed
CVE-2025-2219 was published Mar 12, 2025
A vulnerability, which was classified as critical, has been found in zzskzy Warehouse Refinement... Moderate Unreviewed
CVE-2025-2216 was published Mar 12, 2025
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A... High Unreviewed
CVE-2025-23242 was published Mar 11, 2025
NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A... Moderate Unreviewed
CVE-2025-23243 was published Mar 11, 2025
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24994 was published Mar 11, 2025
Improper access control in Windows Cross Device Service allows an authorized attacker to elevate... High Unreviewed
CVE-2025-24076 was published Mar 11, 2025
** UNSUPPORTED WHEN ASSIGNED **  A privilege escalation vulnerability in CxUIUSvc64.exe and... High Unreviewed
CVE-2024-9157 was published Mar 11, 2025
Improper Authorization in Keycloak Organization Mapper Allows Unauthorized Organization Claims Moderate
CVE-2025-1391 was published for org.keycloak:keycloak-services (Maven) Mar 10, 2025
Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Escalation, which allows... High Unreviewed
CVE-2025-25614 was published Mar 10, 2025
Unifiedtransform 2.0 is vulnerable to Incorrect Access Control which allows viewing attendance... Moderate Unreviewed
CVE-2025-25615 was published Mar 10, 2025
Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which allows students to modify... High Unreviewed
CVE-2025-25616 was published Mar 10, 2025
A vulnerability, which was classified as critical, was found in zzskzy Warehouse Refinement... Moderate Unreviewed
CVE-2025-2115 was published Mar 9, 2025
Incorrect Access Control in Unifiedtransform 2.X leads to Privilege Escalation allowing teachers... Moderate Unreviewed
CVE-2025-25617 was published Mar 7, 2025
The VK Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all... Moderate Unreviewed
CVE-2024-13635 was published Mar 7, 2025
Incorrect access control in the KSRTC AWATAR app of Karnataka State Road Transport Corporation v1... High Unreviewed
CVE-2025-25381 was published Mar 6, 2025
A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-2035 was published Mar 6, 2025
A vulnerability classified as critical has been found in ChestnutCMS up to 1.5.2. This affects... Moderate Unreviewed
CVE-2025-2031 was published Mar 6, 2025
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache... Moderate Unreviewed
CVE-2024-56196 was published Mar 6, 2025
Improper Access Control vulnerability in Apache Traffic Server. This issue affects Apache... Moderate Unreviewed
CVE-2024-56195 was published Mar 6, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application 20.0.2140... Critical Unreviewed
CVE-2025-27649 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database