Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
36
Go
2,522
Maven
5,000+
npm
4,176
NuGet
741
pip
3,965
Pub
12
RubyGems
947
Rust
1,028
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,794 advisories

Loading
DNN.PLATFORM possibly allows bypass of IP Filters High
CVE-2025-52487 was published for DNN.PLATFORM (NuGet) Jun 20, 2025
valadas bdukes
mitchelsellers
The AI Engine plugin for WordPress is vulnerable to unauthorized modification of data and loss of... High Unreviewed
CVE-2025-5071 was published Jun 19, 2025
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-3880 was published Jun 17, 2025
Teleport allows remote authentication bypass Critical
CVE-2025-49825 was published for github.com/gravitational/teleport (Go) Jun 16, 2025
XWiki allows remote code execution through preview of XClass changes in AWM editor High
CVE-2025-49586 was published for org.xwiki.platform:xwiki-platform-oldcore (Maven) Jun 13, 2025
The WordPress Single Sign-On (SSO) plugin for WordPress is vulnerable to unauthorized access due... Moderate Unreviewed
CVE-2025-6003 was published Jun 12, 2025
Drupal Commerce Eurobank (Redirect) Incorrect Authorization vulnerability High
CVE-2025-48445 was published for drupal/commerce_eurobank_redirect (Composer) Jun 11, 2025
Drupal Commerce Alphabank Redirect Incorrect Authorization vulnerability High
CVE-2025-48446 was published for drupal/commerce_alphabank_redirect (Composer) Jun 11, 2025
Mattermost allows guest users to view information about public teams they are not members of Low
CVE-2025-4128 was published for github.com/mattermost/mattermost-server (Go) Jun 11, 2025
The ws.stash.app.mac.daemon.helper tool contains a vulnerability caused by an incorrect use of... High Unreviewed
CVE-2024-7457 was published Jun 11, 2025
The macOS Rocket.Chat application is affected by a vulnerability that allows bypassing ... Moderate Unreviewed
CVE-2024-8270 was published Jun 11, 2025
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Incorrect Authorization... Moderate Unreviewed
CVE-2025-36578 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... High Unreviewed
CVE-2025-40567 was published Jun 10, 2025
A vulnerability has been identified in RUGGEDCOM RST2428P (6GK6242-6PA00) (All versions < V3.2),... Moderate Unreviewed
CVE-2025-40568 was published Jun 10, 2025
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker,... High Unreviewed
CVE-2025-40668 was published Jun 9, 2025
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an... High Unreviewed
CVE-2025-40669 was published Jun 9, 2025
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an... High Unreviewed
CVE-2025-40670 was published Jun 9, 2025
Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and... Moderate Unreviewed
CVE-2025-49599 was published Jun 6, 2025
Deno has --allow-read / --allow-write permission bypass in `node:sqlite` Moderate
CVE-2025-48935 was published for deno (Rust) Jun 4, 2025
littledivy 0f-0b
Deno run with --allow-read and --deny-read flags results in allowed Moderate
CVE-2025-48888 was published for deno (Rust) Jun 4, 2025
nayeemrmn
Memory corruption due to unauthorized command execution in GPU micronode while executing specific... High Unreviewed
CVE-2025-21479 was published Jun 3, 2025
Memory corruption due to unauthorized command execution in GPU micronode while executing specific... High Unreviewed
CVE-2025-21480 was published Jun 3, 2025
Grafana vulnerable to authenticated users bypassing dashboard, folder permissions High
CVE-2025-3260 was published for github.com/grafana/grafana (Go) Jun 2, 2025
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission... Critical Unreviewed
CVE-2025-20674 was published Jun 2, 2025
Mattermost fails to properly enforce access control restrictions for System Manager roles Low
CVE-2025-3611 was published for github.com/mattermost/mattermost/server/v8 (Go) May 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database