GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+
1,115 advisories
Filter by severity
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are...
Moderate
Unreviewed
CVE-2025-24423
was published
Feb 11, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are...
Moderate
Unreviewed
CVE-2025-24426
was published
Feb 11, 2025
Magento Improper Access Control vulnerability
Moderate
CVE-2025-24427
was published
for
magento/community-edition
(Composer)
Feb 11, 2025
Magento Improper Access Control vulnerability
Moderate
CVE-2025-24435
was published
for
magento/community-edition
(Composer)
Feb 11, 2025
Magento Improper Access Control vulnerability
Moderate
CVE-2025-24436
was published
for
magento/community-edition
(Composer)
Feb 11, 2025
Magento Improper Access Control vulnerability
Moderate
CVE-2025-24437
was published
for
magento/community-edition
(Composer)
Feb 11, 2025
Adobe Commerce versions 2.4.7-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are...
Moderate
Unreviewed
CVE-2025-24422
was published
Feb 11, 2025
Magento Improper Access Control vulnerability
Moderate
CVE-2025-24424
was published
for
magento/community-edition
(Composer)
Feb 11, 2025
An Improper Access Control vulnerability [CWE-284] in FortiClient Windows version 7.4.0, version...
Moderate
Unreviewed
CVE-2024-40586
was published
Feb 11, 2025
A vulnerability has been identified in SCALANCE WAB762-1 (6GK5762-1AJ00-6AA0) (All versions < V3...
Moderate
Unreviewed
CVE-2025-24532
was published
Feb 11, 2025
A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical...
Moderate
Unreviewed
CVE-2025-1166
was published
Feb 11, 2025
A vulnerability, which was classified as critical, was found in Lumsoft ERP 8. Affected is the...
Moderate
Unreviewed
CVE-2025-1165
was published
Feb 11, 2025
Connect-CMS Access control vulnerability
Moderate
GHSA-5rjc-jc28-cwgg
was published
for
opensource-workshop/connect-cms
(Composer)
Feb 7, 2025
The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information...
Moderate
Unreviewed
CVE-2024-13514
was published
Feb 4, 2025
access_device.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE:...
Moderate
Unreviewed
CVE-2023-52164
was published
Feb 3, 2025
WildFly improper RBAC permission
Moderate
CVE-2025-23367
was published
for
org.wildfly.core:wildfly-server
(Maven)
Jan 31, 2025
Duplicate Advisory: Wildfly Server Role Based Access Control (RBAC) provider has Improper Access Control
Moderate
GHSA-fcrw-mphx-7cxf
was published
for
org.wildfly:wildfly-server
(Maven)
Jan 30, 2025
•
withdrawn
An Improper Access Control vulnerability has been found in EmbedAI
2.1 and below. This...
Moderate
Unreviewed
CVE-2025-0741
was published
Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This...
Moderate
Unreviewed
CVE-2025-0742
was published
Jan 30, 2025
An Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This...
Moderate
Unreviewed
CVE-2025-0743
was published
Jan 30, 2025
The Event Tickets and Registration plugin for WordPress is vulnerable to Insecure Direct Object...
Moderate
Unreviewed
CVE-2024-13457
was published
Jan 30, 2025
IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an...
Moderate
Unreviewed
CVE-2024-22316
was published
Jan 27, 2025
A vulnerability classified as critical was found in needyamin image_gallery 1.0. This...
Moderate
Unreviewed
CVE-2025-0722
was published
Jan 27, 2025
A vulnerability classified as critical was found in JoeyBling bootplus up to...
Moderate
Unreviewed
CVE-2025-0702
was published
Jan 24, 2025
The Tutor LMS plugin for WordPress is vulnerable to bypass to user registration in versions up to...
Moderate
Unreviewed
CVE-2024-10393
was published
Jan 23, 2025
ProTip!
Advisories are also available from the
GraphQL API