GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,554 advisories
HTCondor 23.0.x before 23.0.22, 23.10.x before 23.10.22, 24.0.x before 24.0.6, and 24.6.x before...
High | Unreviewed | CVE-2025-30093 was published Mar 27, 2025

An improper access control vulnerability in GitLab CE/EE affecting all versions from 17.4 prior...
High | Unreviewed | CVE-2025-2242 was published Mar 27, 2025

An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have...
Moderate | Unreviewed | CVE-2024-55965 was published Mar 26, 2025

Improper permission control vulnerability in the OXARI ServiceDesk application could allow an...
Critical | Unreviewed | CVE-2025-1542 was published Mar 26, 2025

Pixelfed may allow unauthorized actor to view private posts and private users
Moderate | CVE-2025-30741 was published for pixelfed/pixelfed (Composer) Mar 25, 2025

Cilium node based network policies may incorrectly allow workload traffic
Low | CVE-2025-30163 was published for github.com/cilium/cilium (Go) Mar 24, 2025

Cilium East-west traffic not subject to egress policy enforcement for requests via Gateway API load balancers
Low | CVE-2025-30162 was published for github.com/cilium/cilium (Go) Mar 24, 2025

Mattermost allows members with permission to convert public channels to private and convert private to public
Moderate | CVE-2025-27933 was published for github.com/mattermost/mattermost-server (Go) Mar 21, 2025

Mattermost fail to prompt for explicit approval before adding a team admin to a private channel
Low | CVE-2025-27715 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 21, 2025

Mattermost Fails to Enforce Certain Search APIs
Moderate | CVE-2025-30179 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 21, 2025

Mattermost Fails to Restrict Bookmark Creation and Updates in Archived Channels
Moderate | CVE-2025-24920 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 21, 2025

Mattermost Fails to Restrict Command Execution in Archived Channels
Moderate | CVE-2025-25274 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 21, 2025

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14...
High | Unreviewed | CVE-2024-44305 was published Mar 21, 2025

DESCOR INFOCAD 3.5.1 and before and fixed in v.3.5.2.0 has a broken authorization schema.
Moderate | Unreviewed | CVE-2025-26853 was published Mar 20, 2025

An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc...
Moderate | Unreviewed | CVE-2024-9159 was published Mar 20, 2025

A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low...
High | Unreviewed | CVE-2024-10109 was published Mar 20, 2025

Mattermost Fails to Properly Perform Viewer Role Authorization
Moderate | CVE-2025-1472 was published for github.com/mattermost/mattermost-server (Go) Mar 19, 2025

A vulnerability has been identified in the port ACL functionality of AOS-CX software running on...
Low | Unreviewed | CVE-2025-25040 was published Mar 18, 2025

Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods
Low | CVE-2025-27512 was published for zincati (Rust) Mar 17, 2025

Broken access control vulnerability in the IcProgress Innovación y Cualificación plugin. This...
Moderate | Unreviewed | CVE-2025-2201 was published Mar 17, 2025

Broken access control vulnerability in the Innovación y Cualificación local administration plugin...
Moderate | Unreviewed | CVE-2025-2202 was published Mar 17, 2025

Alludo Parallels Desktop before 19.4.2 and 20.x before 20.2.2 for macOS on Intel platforms allows...
High | Unreviewed | CVE-2025-30074 was published Mar 16, 2025

This vulnerability exists in the CAP back office application due to improper authorization checks...
High | Unreviewed | CVE-2025-29997 was published Mar 13, 2025

An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior...
Low | Unreviewed | CVE-2024-7296 was published Mar 13, 2025

An issue has been discovered in GitLab EE/CE affecting all versions starting from 16.9 before 17...
Moderate | Unreviewed | CVE-2025-0652 was published Mar 13, 2025

ProTip! Advisories are also available from the GraphQL API.