Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

229 advisories

Loading
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource... Moderate Unreviewed
CVE-2025-8057 was published Sep 16, 2025
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An... Moderate Unreviewed
CVE-2025-43231 was published Sep 16, 2025
In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation... Moderate Unreviewed
CVE-2025-6088 was published Sep 11, 2025
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function... Moderate Unreviewed
CVE-2025-9836 was published Sep 3, 2025
A vulnerability has been found in macrozheng mall up to 1.0.3. This affects the function... Moderate Unreviewed
CVE-2025-9835 was published Sep 3, 2025
The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-8147 was published Aug 29, 2025
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-7221 was published Aug 21, 2025
A vulnerability, which was classified as problematic, has been found in LitmusChaos Litmus up to... Moderate Unreviewed
CVE-2025-8794 was published Aug 10, 2025
A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as... Moderate Unreviewed
CVE-2025-8789 was published Aug 10, 2025
A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8755 was published Aug 9, 2025
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8401 was published Jul 31, 2025
A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-7938 was published Jul 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web... Moderate Unreviewed
CVE-2025-50073 was published Jul 15, 2025
Secure-upload is a data submission service that validates single-use tokens when accepting... Moderate Unreviewed
CVE-2025-53709 was published Jul 10, 2025
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2025-20264 was published Jun 26, 2025
When a link can be opened in an external application, Firefox for Android will, by default,... Moderate Unreviewed
CVE-2025-6431 was published Jun 26, 2025
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated... Moderate Unreviewed
CVE-2025-6329 was published Jun 20, 2025
A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1... Moderate Unreviewed
CVE-2025-5182 was published May 26, 2025
The PeproDev Ultimate Profile Solutions plugin for WordPress is vulnerable to unauthorized access... Moderate Unreviewed
CVE-2025-3924 was published May 7, 2025
Private Browsing tabs may be accessed without authentication. This issue is fixed in iOS 17 and... Moderate Unreviewed
CVE-2023-42973 was published Apr 11, 2025
A Broken Access Control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows low-privilege... Moderate Unreviewed
CVE-2025-28131 was published Apr 1, 2025
Improper authorization in the variable component in Devolutions Remote Desktop Manager on Windows... Moderate Unreviewed
CVE-2025-2600 was published Mar 26, 2025
A vulnerability in AnythingLLM Docker version 1.3.1 allows users with 'Default' permission to... Moderate Unreviewed
CVE-2024-13060 was published Mar 20, 2025
An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me... Moderate Unreviewed
CVE-2024-10274 was published Mar 20, 2025
The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13552 was published Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database