Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,884
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,205
NuGet
743
pip
3,978
Pub
12
RubyGems
947
Rust
1,034
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

787 advisories

Loading
An Insecure Direct Object Reference (IDOR) in the /dashboard/notes endpoint of Syaqui... High Unreviewed
CVE-2025-56392 was published Sep 30, 2025
Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in... Moderate Unreviewed
CVE-2025-0642 was published Oct 2, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41099 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41096 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41098 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41097 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41091 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41092 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41093 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41094 was published Sep 30, 2025
Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2... High Unreviewed
CVE-2025-41095 was published Sep 30, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Anadolu Hayat Emeklilik Inc.... Moderate Unreviewed
CVE-2025-9342 was published Sep 23, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Academy LMS Academy LMS allows... Moderate Unreviewed
CVE-2025-59562 was published Sep 22, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events... Moderate Unreviewed
CVE-2025-57994 was published Sep 22, 2025
Authorization Bypass Through User-Controlled Key vulnerability in PROLIZ Computer Software... Moderate Unreviewed
CVE-2025-0875 was published Sep 22, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Alex Content Mask allows... Low Unreviewed
CVE-2025-58012 was published Sep 22, 2025
Tronclass developed by WisdomGarden has an Insecure Direct object Reference vulnerability,... Moderate Unreviewed
CVE-2025-10719 was published Sep 19, 2025
The Service Finder Bookings plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed
CVE-2025-5948 was published Sep 19, 2025
The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct Object Reference in... Moderate Unreviewed
CVE-2025-10493 was published Sep 18, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Nebula Informatics SecHard... Moderate Unreviewed
CVE-2025-8463 was published Sep 17, 2025
Authorization Bypass Through User-Controlled Key vulnerability in Beefull Energy Technologies... Moderate Unreviewed
CVE-2025-7355 was published Sep 16, 2025
Authorization Bypass Through User-Controlled Key vulnerability with user privileges in ArgusTech... Moderate Unreviewed
CVE-2025-5518 was published Sep 16, 2025
A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-9264 was published Aug 21, 2025
A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is... Moderate Unreviewed
CVE-2025-9263 was published Aug 21, 2025
The Resideo Plugin for Resideo - Real Estate WordPress Theme plugin for WordPress is vulnerable... High Unreviewed
CVE-2025-7718 was published Sep 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database