Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,543
Erlang
33
GitHub Actions
25
Go
2,219
Maven
5,000+
npm
3,889
NuGet
700
pip
3,657
Pub
12
RubyGems
913
Rust
937
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,119 advisories

Loading
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access... High Unreviewed
CVE-2025-30288 was published Apr 8, 2025
Improper access control in Active Directory Domain Services allows an authorized attacker to... High Unreviewed
CVE-2025-29810 was published Apr 8, 2025
Improper access control in Visual Studio allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-29804 was published Apr 8, 2025
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-27744 was published Apr 8, 2025
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized... High Unreviewed
CVE-2025-26678 was published Apr 8, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method... High Unreviewed
CVE-2025-28403 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of... High Unreviewed
CVE-2025-28407 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of... High Unreviewed
CVE-2025-28409 was published Apr 7, 2025
Memory corruption may occur due top improper access control in HAB process. High Unreviewed
CVE-2025-21425 was published Apr 7, 2025
The kernel driver, accessible to low-privileged users, exposes a function that fails to properly... High Unreviewed
CVE-2025-1865 was published Apr 4, 2025
A permissions issue was addressed by removing vulnerable code and adding additional checks. This... High Unreviewed
CVE-2025-30460 was published Apr 1, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5,... High Unreviewed
CVE-2025-24229 was published Apr 1, 2025
This issue was addressed with additional entitlement checks. This issue is fixed in visionOS 2.4,... High Unreviewed
CVE-2025-24173 was published Apr 1, 2025
A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in... High Unreviewed
CVE-2024-54533 was published Apr 1, 2025
In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions... High Unreviewed
CVE-2025-20229 was published Mar 27, 2025
LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control which allows attackers to... High Unreviewed
CVE-2024-53348 was published Mar 21, 2025
PipeCD Vulnerable to Privilege Escalation High
CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025
In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where... High Unreviewed
CVE-2024-9098 was published Mar 20, 2025
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy,... High Unreviewed
CVE-2024-8613 was published Mar 20, 2025
Due to a lack of access control, unauthorized users are able to view and modify information... High Unreviewed
CVE-2024-2292 was published Mar 20, 2025
In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a... High Unreviewed
CVE-2024-11300 was published Mar 20, 2025
An Insecure Direct Object Reference (IDOR) vulnerability exists in the `PATCH /v1/runs/:id/score`... High Unreviewed
CVE-2024-11137 was published Mar 20, 2025
GPT Academy version 3.83 in the binary-husky/gpt_academic repository is vulnerable to Cross-Site... High Unreviewed
CVE-2024-10956 was published Mar 20, 2025
An improper access control vulnerability (IDOR) exists in the delete attachments functionality of... High Unreviewed
CVE-2024-10366 was published Mar 20, 2025
In version 1.5.5 of lunary-ai/lunary, a vulnerability exists where admins, who do not have direct... High Unreviewed
CVE-2024-10275 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database