Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

454 advisories

Loading
Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124,... Moderate Unreviewed
CVE-2025-43782 was published Sep 11, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Tomdever wpForo Forum allows... Moderate Unreviewed
CVE-2025-58597 was published Sep 3, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows... Moderate Unreviewed
CVE-2025-0670 was published Sep 2, 2025
PHPGurukul Employee Leave Management System 2.1 contains an Insecure Direct Object Reference ... Moderate Unreviewed
CVE-2025-56254 was published Sep 2, 2025
An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows... Moderate Unreviewed
CVE-2025-55621 was published Aug 22, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility... Moderate Unreviewed
CVE-2025-57886 was published Aug 22, 2025
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-9263 was published Aug 21, 2025
A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-9264 was published Aug 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors allows... Moderate Unreviewed
CVE-2025-54691 was published Aug 14, 2025
An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1... Moderate Unreviewed
CVE-2025-8770 was published Aug 13, 2025
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the... Moderate Unreviewed
CVE-2025-3089 was published Aug 12, 2025
IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002... Moderate Unreviewed
CVE-2025-36023 was published Aug 8, 2025
An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized... Moderate Unreviewed
CVE-2025-51533 was published Aug 7, 2025
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6... Moderate Unreviewed
CVE-2025-50340 was published Aug 4, 2025
Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows... Moderate Unreviewed
CVE-2025-51479 was published Jul 22, 2025
Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru... Moderate Unreviewed
CVE-2025-51867 was published Jul 22, 2025
A vulnerability classified as critical has been found in jshERP up to 3.5. Affected is an unknown... Moderate Unreviewed
CVE-2025-7947 was published Jul 22, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam... Moderate Unreviewed
CVE-2025-2301 was published Jul 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows... Moderate Unreviewed
CVE-2025-5681 was published Jul 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER... Moderate Unreviewed
CVE-2024-13175 was published Jul 18, 2025
A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60... Moderate Unreviewed
CVE-2025-6765 was published Jun 27, 2025
PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object... Moderate Unreviewed
CVE-2025-50693 was published Jun 26, 2025
Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments... Moderate Unreviewed
CVE-2025-49995 was published Jun 20, 2025
Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch allows... Moderate Unreviewed
CVE-2025-49978 was published Jun 20, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 17.9 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-5195 was published Jun 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database