GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
892 advisories
Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER...
Moderate | Unreviewed | CVE-2024-13175 was published Jul 18, 2025

Indico vulnerability allows attackers to bulk dump user details
Moderate | CVE-2025-53640 was published for indico (pip) Jul 14, 2025

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion...
Critical | Unreviewed | CVE-2025-4855 was published Jul 9, 2025

The distributed engine of Secret Server versions 11.7.49 and earlier can be exploited during an...
Low | Unreviewed | CVE-2025-6942 was published Jul 2, 2025

The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is...
High | Unreviewed | CVE-2025-3848 was published Jul 2, 2025

A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60...
Moderate | Unreviewed | CVE-2025-6765 was published Jun 27, 2025

PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object...
Moderate | Unreviewed | CVE-2025-50693 was published Jun 26, 2025

A low privileged remote attacker in possession of the second factor for another user can login...
High | Unreviewed | CVE-2025-3091 was published Jun 26, 2025

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus...
Low | Unreviewed | CVE-2025-6534 was published Jun 26, 2025

Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments...
Moderate | Unreviewed | CVE-2025-49995 was published Jun 20, 2025

Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch allows...
Moderate | Unreviewed | CVE-2025-49978 was published Jun 20, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17...
Moderate | Unreviewed | CVE-2025-5195 was published Jun 12, 2025

An authorization bypass through user-controlled key in Fortinet FortiPortal versions 7.4.0,...
Moderate | Unreviewed | CVE-2024-45329 was published Jun 10, 2025

An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS....
Moderate | Unreviewed | CVE-2025-40660 was published Jun 10, 2025

An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS....
Moderate | Unreviewed | CVE-2025-40661 was published Jun 10, 2025

An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS....
Moderate | Unreviewed | CVE-2025-40658 was published Jun 10, 2025

An Insecure Direct Object Reference (IDOR) vulnerability has been found in DM Corporative CMS....
Moderate | Unreviewed | CVE-2025-40659 was published Jun 10, 2025

The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for...
Moderate | Unreviewed | CVE-2025-4691 was published May 31, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. This vulnerability could allow...
High | Unreviewed | CVE-2025-40650 was published May 26, 2025

A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1...
Moderate | Unreviewed | CVE-2025-5182 was published May 26, 2025

A vulnerability in the API of Cisco Unified Intelligence Center could allow an authenticated,...
Moderate | Unreviewed | CVE-2025-20114 was published May 21, 2025

The Front End User Registration extension for TYPO3 (sr_feuser_register) allows Insecure Direct Object Reference
High | CVE-2025-48205 was published for sjbr/sr-feuser-register (Composer) May 21, 2025

reint_downloadmanager TYPO3 Extension is susceptible to Insecure Direct Object Reference
Moderate | CVE-2025-48207 was published for renolit/reint-downloadmanager (Composer) May 21, 2025

The femanager TYPO3 extension allows Insecure Direct Object Reference
Moderate | CVE-2025-48202 was published for in2code/femanager (Composer) May 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Chimpstudio WP JobHunt allows...
Moderate | Unreviewed | CVE-2025-39537 was published May 16, 2025