GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

106 advisories

The issue was addressed by restricting options offered on a locked device. This issue is fixed in...
Low | Unreviewed | CVE-2024-44265 was published Oct 28, 2024

Missing Authorization vulnerability in WPDeveloper Essential Addons for Elementor essential...
Low | Unreviewed | CVE-2025-64352 was published Oct 31, 2025

Missing Authorization vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows...
Low | Unreviewed | CVE-2025-64350 was published Oct 31, 2025

GitLab has remediated an issue in GitLab EE affecting all versions from 17.6.0 before 18.3.5, 18...
Low | Unreviewed | CVE-2025-11989 was published Oct 27, 2025

Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Compiler). ...
Low | Unreviewed | CVE-2025-61755 was published Oct 21, 2025

An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3...
Low | Unreviewed | CVE-2025-10871 was published Sep 26, 2025

The ShopEngine Elementor WooCommerce Builder Addon – All in One WooCommerce Solution plugin for...
Low | Unreviewed | CVE-2025-10173 was published Sep 26, 2025

Missing Authorization vulnerability in codepeople CP Multi View Event Calendar allows Exploiting...
Low | Unreviewed | CVE-2025-58009 was published Sep 22, 2025

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an...
Low | Unreviewed | CVE-2025-42914 was published Sep 9, 2025

Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an...
Low | Unreviewed | CVE-2025-42913 was published Sep 9, 2025

When Bazel Plugin in intellij imports a project (either using "import project" or "Auto import")...
Low | Unreviewed | CVE-2024-5899 was published Jun 18, 2024

In multiple locations, there is a possible way to view icons belonging to another user due to a...
Low | Unreviewed | CVE-2025-0076 was published Sep 4, 2025

Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor allows...
Low | Unreviewed | CVE-2025-58816 was published Sep 5, 2025

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network...
Low | Unreviewed | CVE-2025-42955 was published Aug 12, 2025

An issue has been discovered in GitLab EE affecting all versions from 16.10 before 17.11.5, 18.0...
Low | Unreviewed | CVE-2025-5846 was published Jun 26, 2025

An issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.3.6...
Low | Unreviewed | CVE-2023-5600 was published Jun 20, 2025

A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0...
Low | Unreviewed | CVE-2024-54020 was published May 28, 2025

Missing Authorization vulnerability in Drupal Single Content Sync allows Functionality Misuse...
Low | Unreviewed | CVE-2025-48009 was published May 21, 2025

Zoho ManageEngine SupportCenter Plus through 11024 allows low-privileged users to view the...
Low | Unreviewed | CVE-2022-42903 was published Nov 18, 2022

In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location...
Low | Unreviewed | CVE-2022-20240 was published Dec 13, 2022

The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding...
Low | Unreviewed | CVE-2017-17807 was published May 13, 2022

The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins...
Low | Unreviewed | CVE-2017-5930 was published May 13, 2022

In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass...
Low | Unreviewed | CVE-2022-20529 was published Dec 20, 2022

Missing authorization in PostgreSQL built-in views pg_stats_ext and pg_stats_ext_exprs allows an...
Low | Unreviewed | CVE-2024-4317 was published May 14, 2024

A Broken Object Level Authorization vulnerability in the component /households/permissions of hay...
Low | Unreviewed | CVE-2024-55070 was published Mar 27, 2025
        
ProTip! Advisories are also available from the GraphQL API.