Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,746
Erlang
35
GitHub Actions
29
Go
2,319
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
920
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In... Low Unreviewed
CVE-2025-1110 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before... Moderate Unreviewed
CVE-2025-4979 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17... Moderate Unreviewed
CVE-2025-1278 was published May 9, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 13.12 before 17.8.7, 17... Moderate Unreviewed
CVE-2025-2408 was published Apr 10, 2025
Memory corruption while assigning memory from the source DDR memory(HLOS) to ADSP. High Unreviewed
CVE-2024-33058 was published Apr 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0... High Unreviewed
CVE-2025-29987 was published Apr 3, 2025
Unauthenticated Miniflux user can bypass allowed networks check to obtain Prometheus metrics High
CVE-2023-27591 was published for miniflux.app (Go) Apr 2, 2025
40826d fguillot
An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 before 17.8.6, 17.9... Moderate Unreviewed
CVE-2024-12619 was published Mar 28, 2025
A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and... High Unreviewed
CVE-2025-20111 was published Feb 26, 2025
The product implements access controls via a policy or other feature with the intention to... Moderate Unreviewed
CVE-2024-6696 was published Feb 20, 2025
Insufficient granularity of access control in UEFI firmware in some Intel(R) processors may allow... Moderate Unreviewed
CVE-2024-39279 was published Feb 13, 2025
Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain an improper... High Unreviewed
CVE-2024-53295 was published Feb 1, 2025
An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to... Moderate Unreviewed
CVE-2024-11931 was published Jan 24, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Paragraphs table allows... Moderate Unreviewed
CVE-2024-13272 was published Jan 9, 2025
Insufficient Granularity of Access Control vulnerability in Drupal Email Contact allows Forceful... High Unreviewed
CVE-2024-13256 was published Jan 9, 2025
Outlook for Android Elevation of Privilege Vulnerability Moderate Unreviewed
CVE-2024-43604 was published Oct 8, 2024
Lunary information disclosure vulnerability Moderate
CVE-2024-6867 was published for lunary (npm) Sep 13, 2024
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services Low
CVE-2024-39324 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
aimeos/ai-admin-graphql improper access control vulnerability allows an editor to modify admin account High
CVE-2024-39323 was published for aimeos/ai-admin-graphql (Composer) Jul 2, 2024
ssshah2131
lunary-ai/lunary Access Control Vulnerability in Prompt Variation Management Moderate
CVE-2024-5389 was published for lunary (npm) Jun 10, 2024 withdrawn
Improper authorization in zenml Moderate
CVE-2024-2035 was published for zenml (pip) Jun 6, 2024
Improper access control in Intel(R) Power Gadget software for Windows all versions may allow an... High Unreviewed
CVE-2023-45217 was published May 16, 2024
Improper access control in some Intel(R) Power Gadget software for macOS all versions may allow... High Unreviewed
CVE-2023-40070 was published May 16, 2024
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized... Moderate Unreviewed
CVE-2023-43040 was published May 14, 2024
Kimai API returns timesheet entries a user should not be authorized to view Moderate
CVE-2024-29200 was published for kimai/kimai (Composer) Mar 29, 2024
AstroGD
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database