GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,476
Erlang: 33
GitHub Actions: 24
Go: 2,203
Maven: 5,000+
npm: 3,852
NuGet: 696
pip: 3,637
Pub: 12
RubyGems: 911
Rust: 913
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
2,714 advisories
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and...
Moderate | Unreviewed | CVE-2025-20230 was published Mar 27, 2025

In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8, and Splunk Cloud Platform versions...
High | Unreviewed | CVE-2025-20229 was published Mar 27, 2025

Client side access control bypass in the permission component in Devolutions Remote Desktop...
Moderate | Unreviewed | CVE-2025-2499 was published Mar 26, 2025

Huawei PCs have a vulnerability that allows low-privilege users to bypass SDDL permission checks ...
Moderate | Unreviewed | CVE-2023-52972 was published Mar 26, 2025

Vite bypasses server.fs.deny when using ?raw??
Moderate | CVE-2025-30208 was published for vite (npm) Mar 25, 2025

OpenDaylight SFC Allows Unauthorized Privileged Execution via Crafted Request
Critical | CVE-2025-29315 was published for org.opendaylight.sfc:sfc-parent (Maven) Mar 24, 2025

A vulnerability classified as critical was found in Digiwin ERP 5.0.1. Affected by this...
Moderate | Unreviewed | CVE-2025-2706 was published Mar 24, 2025

A vulnerability classified as critical has been found in Digiwin ERP 5.1. Affected is the...
Moderate | Unreviewed | CVE-2025-2705 was published Mar 24, 2025

A vulnerability, which was classified as critical, has been found in Softwin WMX3 3.1. This issue...
Moderate | Unreviewed | CVE-2025-2702 was published Mar 24, 2025

A vulnerability classified as critical has been found in PHPGurukul eLearning System 1.0....
Moderate | Unreviewed | CVE-2025-2687 was published Mar 24, 2025

A vulnerability was found in Yue Lao Blind Box 月老盲盒 up to 4.0. It has been declared as critical....
Moderate | Unreviewed | CVE-2025-2671 was published Mar 24, 2025

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been...
Moderate | Unreviewed | CVE-2025-2606 was published Mar 21, 2025

A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated...
Moderate | Unreviewed | CVE-2025-2607 was published Mar 21, 2025

LoxiLB v.0.9.7 and before is vulnerable to Incorrect Access Control which allows attackers to...
High | Unreviewed | CVE-2024-53348 was published Mar 21, 2025

PipeCD Vulnerable to Privilege Escalation
High | CVE-2024-53351 was published for github.com/pipe-cd/pipecd (Go) Mar 21, 2025

An IDOR vulnerability in danswer-ai/danswer v0.3.94 allows an attacker to view any files. The...
Moderate | Unreviewed | CVE-2024-9617 was published Mar 20, 2025

In lunary-ai/lunary before version 1.4.30, a privilege escalation vulnerability exists where...
High | Unreviewed | CVE-2024-9098 was published Mar 20, 2025

lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST ...
Critical | Unreviewed | CVE-2024-8999 was published Mar 20, 2025

A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy,...
High | Unreviewed | CVE-2024-8613 was published Mar 20, 2025

In version 0.4.1 of danswer-ai/danswer, a vulnerability exists where a basic user can create...
Moderate | Unreviewed | CVE-2024-8057 was published Mar 20, 2025

An improper access control vulnerability exists in danswer-ai/danswer version v0.3.94. This...
Moderate | Unreviewed | CVE-2024-7767 was published Mar 20, 2025

A broken access control vulnerability exists in lunary-ai/lunary versions 1.2.7 through 1.4.2....
Moderate | Unreviewed | CVE-2024-7476 was published Mar 20, 2025

In version v0.3.8 of open-webui/open-webui, there is an improper access control vulnerability. On...
Moderate | Unreviewed | CVE-2024-7040 was published Mar 20, 2025

Due to a lack of access control, unauthorized users are able to view and modify information...
High | Unreviewed | CVE-2024-2292 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API.