GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,282 advisories
Improper access control in Azure Databricks allows an unauthorized attacker to elevate privileges...
Critical | Unreviewed | CVE-2025-53763 was published Aug 21, 2025

On N-central, it is possible for any authenticated user to read, write and modify syslog...
High | Unreviewed | CVE-2025-7051 was published Aug 21, 2025

An issue was discovered in TitanHQ SpamTitan Email Security Gateway 8.00.x before 8.00.101 and 8...
Critical | Unreviewed | CVE-2024-45438 was published Aug 21, 2025

Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows...
High | Unreviewed | CVE-2025-55368 was published Aug 21, 2025

Incorrect access control in the component \controller\UserController.java of jshERP v3.5 allows...
Moderate | Unreviewed | CVE-2025-55366 was published Aug 21, 2025

Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5...
Moderate | Unreviewed | CVE-2025-55367 was published Aug 21, 2025

Incorrect access control in the component /controller/PersonController.java of jshERP v3.5 allows...
Moderate | Unreviewed | CVE-2025-55371 was published Aug 21, 2025

A security vulnerability has been detected in Emlog Pro up to 2.5.18. This affects an unknown...
Moderate | Unreviewed | CVE-2025-9296 was published Aug 21, 2025

An Improper Access Control could allow a malicious actor authenticated in the API of certain...
High | Unreviewed | CVE-2025-27215 was published Aug 21, 2025

Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access...
Critical | Unreviewed | CVE-2024-57155 was published Aug 20, 2025

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access...
High | Unreviewed | CVE-2024-57152 was published Aug 20, 2025

Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication...
Critical | Unreviewed | CVE-2024-57154 was published Aug 20, 2025

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to...
High | Unreviewed | CVE-2024-53495 was published Aug 20, 2025

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated,...
Moderate | Unreviewed | CVE-2025-20131 was published Aug 20, 2025

Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to...
High | Unreviewed | CVE-2025-28041 was published Aug 20, 2025

Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access...
Critical | Unreviewed | CVE-2024-57157 was published Aug 20, 2025

A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown...
Moderate | Unreviewed | CVE-2025-9173 was published Aug 20, 2025

A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This...
Moderate | Unreviewed | CVE-2025-9153 was published Aug 19, 2025

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access...
Moderate | Unreviewed | CVE-2025-51539 was published Aug 19, 2025

A security issue has been identified in Appian Enterprise Business Process Management version 25...
Moderate | Unreviewed | CVE-2025-50434 was published Aug 19, 2025

Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content...
Moderate | Unreviewed | CVE-2025-51529 was published Aug 19, 2025

A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where...
Moderate | Unreviewed | CVE-2025-50897 was published Aug 19, 2025

Thermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.
High | Unreviewed | CVE-2025-32992 was published Aug 18, 2025

An Insecure Direct Object Reference (IDOR) vulnerability was identified in the `POST /v1...
High | Unreviewed | CVE-2025-4962 was published Aug 18, 2025

A vulnerability was identified in Acrel Environmental Monitoring Cloud Platform up to 20250804....
Moderate | Unreviewed | CVE-2025-9099 was published Aug 18, 2025