GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,350 advisories
An Improper Access Control could allow a malicious actor authenticated in the API of certain...
High | Unreviewed | CVE-2025-27215 was published Aug 21, 2025

Incorrect access control in radar v1.0.8 allows attackers to bypass authentication and access...
Critical | Unreviewed | CVE-2024-57155 was published Aug 20, 2025

Incorrect access control in the preHandle function of my-site v1.0.2 allows attackers to access...
High | Unreviewed | CVE-2024-57152 was published Aug 20, 2025

Incorrect access control in dts-shop v0.0.1-SNAPSHOT allows attackers to bypass authentication...
Critical | Unreviewed | CVE-2024-57154 was published Aug 20, 2025

Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to...
High | Unreviewed | CVE-2025-28041 was published Aug 20, 2025

Incorrect access control in the preHandle function of my-site v1.0.2.RELEASE allows attackers to...
High | Unreviewed | CVE-2024-53495 was published Aug 20, 2025

A vulnerability in the GUI of Cisco Identity Services Engine (ISE) could allow an authenticated,...
Moderate | Unreviewed | CVE-2025-20131 was published Aug 20, 2025

Incorrect access control in Jantent v1.1 allows attackers to bypass authentication and access...
Critical | Unreviewed | CVE-2024-57157 was published Aug 20, 2025

A weakness has been identified in Emlog Pro up to 2.5.18. This issue affects some unknown...
Moderate | Unreviewed | CVE-2025-9173 was published Aug 20, 2025

A vulnerability was detected in itsourcecode Online Tour and Travel Management System 1.0. This...
Moderate | Unreviewed | CVE-2025-9153 was published Aug 19, 2025

EzGED3 3.5.0 contains an unauthenticated arbitrary file read vulnerability due to improper access...
Moderate | Unreviewed | CVE-2025-51539 was published Aug 19, 2025

A security issue has been identified in Appian Enterprise Business Process Management version 25...
Moderate | Unreviewed | CVE-2025-50434 was published Aug 19, 2025

A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processor implementation, where...
Moderate | Unreviewed | CVE-2025-50897 was published Aug 19, 2025

Incorrect Access Control in the AJAX endpoint functionality in jonkastonka Cookies and Content...
Moderate | Unreviewed | CVE-2025-51529 was published Aug 19, 2025

Thermo Fisher Scientific ePort through 3.0.0 has Incorrect Access Control.
High | Unreviewed | CVE-2025-32992 was published Aug 18, 2025

An Insecure Direct Object Reference (IDOR) vulnerability was identified in the `POST /v1...
High | Unreviewed | CVE-2025-4962 was published Aug 18, 2025

A vulnerability was identified in Acrel Environmental Monitoring Cloud Platform up to 20250804....
Moderate | Unreviewed | CVE-2025-9099 was published Aug 18, 2025

The Lotus Cars Android app (com.lotus.carsdomestic.intl) 1.2.8 contains an exported component,...
Moderate | Unreviewed | CVE-2025-50861 was published Aug 14, 2025

A vulnerability in the implementation of access control rules for loopback interfaces in Cisco...
Moderate | Unreviewed | CVE-2025-20219 was published Aug 14, 2025

A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the...
Moderate | Unreviewed | CVE-2025-8965 was published Aug 14, 2025

A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an...
High | Unreviewed | CVE-2025-48860 was published Aug 14, 2025

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote,...
Moderate | Unreviewed | CVE-2025-48861 was published Aug 14, 2025

External Secrets Operator's Missing Namespace Restriction Allows Unauthorized Secret Access
High | CVE-2025-55196 was published for github.com/external-secrets/external-secrets (Go) Aug 13, 2025

A vulnerability was found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This issue affects some unknown...
High | Unreviewed | CVE-2025-8762 was published Aug 13, 2025

Improper access control in Azure File Sync allows an authorized attacker to elevate privileges...
High | Unreviewed | CVE-2025-53729 was published Aug 12, 2025