Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,520
Erlang
33
GitHub Actions
25
Go
2,215
Maven
5,000+
npm
3,885
NuGet
697
pip
3,654
Pub
12
RubyGems
913
Rust
932
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,798 advisories

Loading
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access... High Unreviewed
CVE-2025-30288 was published Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are... Moderate Unreviewed
CVE-2025-27191 was published Apr 8, 2025
Adobe Commerce versions 2.4.7-p4, 2.4.6-p9, 2.4.5-p11, 2.4.4-p12, 2.4.8-beta2 and earlier are... Moderate Unreviewed
CVE-2025-27190 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper Access... Critical Unreviewed
CVE-2025-30281 was published Apr 8, 2025
Improper access control in Active Directory Domain Services allows an authorized attacker to... High Unreviewed
CVE-2025-29810 was published Apr 8, 2025
Improper access control in Visual Studio allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-29804 was published Apr 8, 2025
Improper access control in Microsoft Office allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-27744 was published Apr 8, 2025
Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to... Moderate Unreviewed
CVE-2025-27738 was published Apr 8, 2025
Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized... High Unreviewed
CVE-2025-26678 was published Apr 8, 2025
Improper access control in Windows NTFS allows an authorized attacker to disclose file path... Moderate Unreviewed
CVE-2025-21197 was published Apr 8, 2025
Shopware Broken ACL on Document retrieval to access other customers documents Moderate
GHSA-68wv-g3fw-pq7q was published for shopware/core (Composer) Apr 8, 2025
A vulnerability classified as critical was found in mymagicpower AIAS 20250308. This... Moderate Unreviewed
CVE-2025-3410 was published Apr 8, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28410 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the... Critical Unreviewed
CVE-2025-28413 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the /editSave... Critical Unreviewed
CVE-2025-28412 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobLogId parameter Critical Unreviewed
CVE-2025-28406 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method... Critical Unreviewed
CVE-2025-28411 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the changeStatus... Critical Unreviewed
CVE-2025-28405 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the editSave method... High Unreviewed
CVE-2025-28403 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the edit method of... High Unreviewed
CVE-2025-28407 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the add method of... High Unreviewed
CVE-2025-28409 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the selectDeptTree... Critical Unreviewed
CVE-2025-28408 was published Apr 7, 2025
An issue in RUoYi v.4.8.0 allows a remote attacker to escalate privileges via the jobId parameter Critical Unreviewed
CVE-2025-28402 was published Apr 7, 2025
A vulnerability, which was classified as critical, has been found in godcheese/code-projects... Moderate Unreviewed
CVE-2025-3324 was published Apr 7, 2025
Memory corruption may occur due top improper access control in HAB process. High Unreviewed
CVE-2025-21425 was published Apr 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database