Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

228 advisories

Loading
The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2025-7718 was published Sep 10, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2025-7049 was published Sep 10, 2025
An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4... High Unreviewed
CVE-2025-52389 was published Sep 8, 2025
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2025-8447 was published Aug 26, 2025
Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5... High Unreviewed
CVE-2025-55370 was published Aug 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazılım Çözümleri A... High Unreviewed
CVE-2025-5261 was published Aug 20, 2025
Authorization Bypass Through User-Controlled Key vulnerability in paymayapg Maya Business allows... High Unreviewed
CVE-2025-53208 was published Aug 20, 2025
Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect.This issue affects... High Unreviewed
CVE-2025-53189 was published Aug 11, 2025
The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in... High Unreviewed
CVE-2025-4796 was published Aug 8, 2025
CWE-639 Authorization Bypass Through User-Controlled Key High Unreviewed
CVE-2025-46387 was published Aug 6, 2025
CWE-639 Authorization Bypass Through User-Controlled Key High Unreviewed
CVE-2025-46386 was published Aug 6, 2025
Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa... High Unreviewed
CVE-2025-51628 was published Aug 5, 2025
CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile... High Unreviewed
CVE-2025-50849 was published Jul 31, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52446 was published Jul 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52447 was published Jul 25, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on... High Unreviewed
CVE-2025-52448 was published Jul 25, 2025
Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to... High Unreviewed
CVE-2025-51865 was published Jul 22, 2025
An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms).... High Unreviewed
CVE-2025-34140 was published Jul 22, 2025
Insecure Direct Object Reference (IDOR) vulnerability in Liner thru 2025-06-03 allows attackers... High Unreviewed
CVE-2025-51869 was published Jul 21, 2025
Insecure Direct Object Reference (IDOR) vulnerability in Dippy (chat.dippy.ai) v2 allows... High Unreviewed
CVE-2025-51868 was published Jul 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in PAVO Inc. PAVO Pay allows... High Unreviewed
CVE-2025-4129 was published Jul 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station... High Unreviewed
CVE-2025-4040 was published Jul 21, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows... High Unreviewed
CVE-2025-1469 was published Jul 21, 2025
The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is... High Unreviewed
CVE-2025-3848 was published Jul 2, 2025
An low privileged remote attacker in possession of the second factor for another user can login... High Unreviewed
CVE-2025-3091 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database