GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,755
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,488
Maven 5,911
npm 4,104
NuGet 735
pip 3,923
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,372

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,253 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In clearAllowBgActivityStarts of PendingIntentRecord.java, there is a possible way for an... High Unreviewed

CVE-2025-26436 was published Sep 5, 2025

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible incorrect... Moderate Unreviewed

CVE-2025-26442 was published Sep 5, 2025

NVIDIA ConnectX contains a vulnerability in the management interface, where an attacker with... Moderate Unreviewed

CVE-2025-23262 was published Sep 5, 2025

NVIDIA BlueField contains a vulnerability in the management interface, where an attacker with... High Unreviewed

CVE-2025-23256 was published Sep 5, 2025

In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without... High Unreviewed

CVE-2025-48523 was published Sep 4, 2025

In startSpaActivityForApp of SpaActivity.kt, there is a possible cross-user permission bypass due... High Unreviewed

CVE-2025-32333 was published Sep 4, 2025

A vulnerability has been found in macrozheng mall up to 1.0.3. This affects the function... Moderate Unreviewed

CVE-2025-9835 was published Sep 3, 2025

rocket.chat Incorrect Authorization Information Disclosure Vulnerability. This vulnerability... Low Unreviewed

CVE-2025-7974 was published Sep 2, 2025

Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to... High Unreviewed

CVE-2025-55177 was published Aug 29, 2025

Incorrect authorization in Kibana can lead to privilege escalation via the built-in... Moderate Unreviewed

CVE-2025-25010 was published Aug 28, 2025

The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for... Moderate Unreviewed

CVE-2025-9376 was published Aug 28, 2025

An access control vulnerability was discovered in the Request Trace and Download Trace... Moderate Unreviewed

CVE-2025-1501 was published Aug 26, 2025

IBM Jazz Foundation 7.0.2 to 7.0.2 iFix035, 7.0.3 to 7.0.3 iFix018, and 7.1.0 to 7.1.0 iFix004... Critical Unreviewed

CVE-2025-36157 was published Aug 24, 2025

An Improper Access Control could allow a malicious actor authenticated in the API of certain... Moderate Unreviewed

CVE-2025-27213 was published Aug 21, 2025

In JetBrains IntelliJ IDEA before 2025.2 improper access control allowed Code With Me guest to... Moderate Unreviewed

CVE-2025-57728 was published Aug 20, 2025

MiR software versions prior to version 3.0.0 have insufficient authorization controls when... Moderate Unreviewed

CVE-2025-9228 was published Aug 20, 2025

IBM Storage Virtualize 8.4, 8.5, 8.6, and 8.7 could allow an authenticated user to escalate their... High Unreviewed

CVE-2025-36120 was published Aug 18, 2025

A security issue exists within the 5032 16pt Digital Configurable module’s web server. The web... High Unreviewed

CVE-2025-7773 was published Aug 14, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1... Moderate Unreviewed

CVE-2024-10219 was published Aug 13, 2025

Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and... High Unreviewed

CVE-2025-49556 was published Aug 12, 2025

A vulnerability has been identified in SmartClient modules Opcenter QL Home (SC) (All versions >=... High Unreviewed

CVE-2024-41979 was published Aug 12, 2025

Due to broken authorization, SAP Business One (SLD) allows an authenticated attacker to gain... High Unreviewed

CVE-2025-42951 was published Aug 12, 2025

A vulnerability was identified in the XPC services of Fantastical. The services failed to... Moderate Unreviewed

CVE-2025-8533 was published Aug 7, 2025

A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated,... Moderate Unreviewed

CVE-2025-20332 was published Aug 6, 2025

tiaudit in Tera Insights tiCrypt before 2025-07-17 allows unauthenticated REST API requests that... Moderate Unreviewed

CVE-2025-54554 was published Aug 5, 2025

Previous1…91 Next

Previous 1 2 3 4 5 … 90 91 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,253 advisories