GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
464 advisories
Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud...
Moderate, Unreviewed. CVE-2025-0606 was published Oct 6, 2025

Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in...
Moderate, Unreviewed. CVE-2025-0642 was published Oct 2, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Anadolu Hayat Emeklilik Inc....
Moderate, Unreviewed. CVE-2025-9342 was published Sep 23, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS Academy LMS allows...
Moderate, Unreviewed. CVE-2025-59562 was published Sep 22, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events...
Moderate, Unreviewed. CVE-2025-57994 was published Sep 22, 2025

Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software...
Moderate, Unreviewed. CVE-2025-0875 was published Sep 22, 2025

Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability,...
Moderate, Unreviewed. CVE-2025-10719 was published Sep 19, 2025

The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in...
Moderate, Unreviewed. CVE-2025-10493 was published Sep 18, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Nebula Informatics SecHard...
Moderate, Unreviewed. CVE-2025-8463 was published Sep 17, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Beefull Energy Technologies...
Moderate, Unreviewed. CVE-2025-7355 was published Sep 16, 2025

Authorization Bypass Through User-Controlled Key vulnerability with user privileges in ArgusTech...
Moderate, Unreviewed. CVE-2025-5518 was published Sep 16, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Tomdever wpForo Forum allows...
Moderate, Unreviewed. CVE-2025-58597 was published Sep 3, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows...
Moderate, Unreviewed. CVE-2025-0670 was published Sep 2, 2025

PHPGurukul Employee Leave Management System 2.1 contains an Insecure Direct Object Reference ...
Moderate, Unreviewed. CVE-2025-56254 was published Sep 2, 2025

An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows...
Moderate, Unreviewed. CVE-2025-55621 was published Aug 22, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility...
Moderate, Unreviewed. CVE-2025-57886 was published Aug 22, 2025

A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function...
Moderate, Unreviewed. CVE-2025-9264 was published Aug 21, 2025

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is...
Moderate, Unreviewed. CVE-2025-9263 was published Aug 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors allows...
Moderate, Unreviewed. CVE-2025-54691 was published Aug 14, 2025

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1...
Moderate, Unreviewed. CVE-2025-8770 was published Aug 13, 2025

ServiceNow has addressed a Broken Access Control vulnerability that was identified in the...
Moderate, Unreviewed. CVE-2025-3089 was published Aug 12, 2025

IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002...
Moderate, Unreviewed. CVE-2025-36023 was published Aug 8, 2025

An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized...
Moderate, Unreviewed. CVE-2025-51533 was published Aug 7, 2025

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6...
Moderate, Unreviewed. CVE-2025-50340 was published Aug 4, 2025

Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows...
Moderate, Unreviewed. CVE-2025-51479 was published Jul 22, 2025
ProTip! Advisories are also available from the GraphQL API.