Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,950
Erlang
39
GitHub Actions
38
Go
2,603
Maven
5,000+
npm
4,250
NuGet
755
pip
4,013
Pub
12
RubyGems
953
Rust
1,048
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,842 advisories

Loading
The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for... Low Unreviewed
CVE-2025-11888 was published Oct 25, 2025
Moodle sends quiz-related messages to inactive/suspended users Moderate
CVE-2025-62394 was published for moodle/moodle (Composer) Oct 23, 2025
MinIO is Vulnerable to Privilege Escalation via Session Policy Bypass in Service Accounts and STS High
CVE-2025-62506 was published for github.com/minio/minio (Go) Oct 16, 2025
donatello SimeonPoot
Credited to donatello and SimeonPoot
Rancher update on users can deny the service to the admin High
CVE-2024-58260 was published for github.com/rancher/rancher (Go) Sep 26, 2025
Omni Wireguard SideroLink potential escape Low
CVE-2025-59824 was published for github.com/siderolabs/omni (Go) Sep 24, 2025
smira Unix4ever
Credited to smira and Unix4ever
OpenBao AWS Plugin Vulnerable to Cross-Account IAM Role Impersonation in AWS Auth Method High
CVE-2025-59048 was published for github.com/openbao/openbao-plugins (Go) Oct 23, 2025
pkarakal
Credited to pkarakal
Magento Authenticated Security feature bypass Low
CVE-2025-49549 was published for magento/community-edition (Composer) Jun 26, 2025
Magento Security feature bypass Moderate
CVE-2025-49550 was published for magento/community-edition (Composer) Jun 26, 2025
Memory corruption due to unauthorized command execution in GPU micronode while executing specific... High Unreviewed
CVE-2025-21480 was published Jun 3, 2025
Memory corruption due to unauthorized command execution in GPU micronode while executing specific... High Unreviewed
CVE-2025-21479 was published Jun 3, 2025
Adobe Experience Manager versions 6.5.23 and earlier are affected by a Misconfiguration... Critical Unreviewed
CVE-2025-54253 was published Aug 5, 2025
An authorization issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2025-24200 was published Feb 10, 2025
Incorrect Authorization vulnerability in Apache OFBiz. This issue affects Apache OFBiz: through... High Unreviewed
CVE-2024-38856 was published Aug 5, 2024
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
Windows SmartScreen Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2023-24880 was published Mar 14, 2023
A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur... High Unreviewed
CVE-2021-30713 was published May 24, 2022
Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to... High Unreviewed
CVE-2025-55177 was published Aug 29, 2025
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed
CVE-2024-11680 was published Nov 26, 2024
Vulnerability in the Oracle Agile PLM Framework product of Oracle Supply Chain (component:... High Unreviewed
CVE-2024-21287 was published Nov 19, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0... Critical Unreviewed
CVE-2024-45519 was published Oct 3, 2024
The overlayfs implementation in the linux kernel did not properly validate with respect to user... High Unreviewed
CVE-2021-3493 was published May 24, 2022
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this... Critical Unreviewed
CVE-2020-2506 was published May 24, 2022
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
All versions of Confluence Data Center and Server are affected by this unexploited vulnerability.... Critical Unreviewed
CVE-2023-22518 was published Oct 31, 2023
This improper access control vulnerability allows remote attackers to gain unauthorized access to... High Unreviewed
CVE-2019-7192 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database