GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,884
Erlang: 37
GitHub Actions: 38
Go: 2,546
Maven: 5,000+
npm: 4,205
NuGet: 743
pip: 3,978
Pub: 12
RubyGems: 947
Rust: 1,034
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+

265 advisories

An Insecure Direct Object Reference (IDOR) in the /dashboard/notes endpoint of Syaqui...
High | Unreviewed | CVE-2025-56392 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41097 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41099 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41092 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41091 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41096 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41098 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41093 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41094 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High | Unreviewed | CVE-2025-41095 was published Sep 30, 2025

Liferay Portal is vulnerable to Insecure Direct Object Reference (IDOR) attack through Authentication Bypass
High | CVE-2025-43790 was published for com.liferay:com.liferay.object.service (Maven) Sep 11, 2025

The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2025-7718 was published Sep 10, 2025

The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to privilege...
High | Unreviewed | CVE-2025-7049 was published Sep 10, 2025

An Insecure Direct Object Reference (IDOR) in Envasadora H2O Eireli - Soda Cristal v40.20.4...
High | Unreviewed | CVE-2025-52389 was published Sep 8, 2025

An improper access control vulnerability was identified in GitHub Enterprise Server that allowed...
High | Unreviewed | CVE-2025-8447 was published Aug 26, 2025

Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5...
High | Unreviewed | CVE-2025-55370 was published Aug 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazılım Çözümleri A...
High | Unreviewed | CVE-2025-5261 was published Aug 20, 2025

Authorization Bypass Through User-Controlled Key vulnerability in paymayapg Maya Business allows...
High | Unreviewed | CVE-2025-53208 was published Aug 20, 2025

Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect. This issue affects...
High | Unreviewed | CVE-2025-53189 was published Aug 11, 2025

The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in...
High | Unreviewed | CVE-2025-4796 was published Aug 8, 2025

CWE-639 Authorization Bypass Through User-Controlled Key
High | Unreviewed | CVE-2025-46386 was published Aug 6, 2025

CWE-639 Authorization Bypass Through User-Controlled Key
High | Unreviewed | CVE-2025-46387 was published Aug 6, 2025

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa...
High | Unreviewed | CVE-2025-51628 was published Aug 5, 2025

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile...
High | Unreviewed | CVE-2025-50849 was published Jul 31, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High | Unreviewed | CVE-2025-52448 was published Jul 25, 2025

ProTip! Advisories are also available from the GraphQL API.