GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
591 advisories
Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto
Critical
CVE-2024-45337
was published
for
golang.org/x/crypto
(Go)
Dec 11, 2024
Next.js authorization bypass vulnerability
High
CVE-2024-51479
was published
for
next
(npm)
Dec 17, 2024
OpenFGA Authorization Bypass
Moderate
CVE-2024-56323
was published
for
github.com/openfga/openfga
(Go)
Jan 13, 2025
Gradio Blocked Path ACL Bypass Vulnerability
Critical
CVE-2025-23042
was published
for
gradio
(pip)
Jan 14, 2025
CVE-2024-5138: snapd snapctl auth bypass
Moderate
CVE-2024-5138
was published
for
github.com/snapcore/snapd
(Go)
Jan 16, 2025
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource
Moderate
CVE-2025-24784
was published
for
github.com/kubewarden/kubewarden-controller
(Go)
Jan 30, 2025
TShock allows chat while not fully connected, possible ban evasion
Moderate
GHSA-f8mx-cwfh-7hr2
was published
for
tshock
(NuGet)
Feb 3, 2025
Contrast's unauthenticated recovery allows Coordinator impersonation
High
GHSA-vqv5-385r-2hf8
was published
for
github.com/edgelesssys/contrast
(Go)
Feb 5, 2025
ProTip!
Advisories are also available from the
GraphQL API