GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
528 advisories
Authorization Bypass Through User-Controlled Key vulnerability in Tomdever wpForo Forum allows...
Moderate, Unreviewed. CVE-2025-58597 was published Sep 3, 2025

PHPGurukul Employee Leave Management System 2.1 contains an Insecure Direct Object Reference ...
Moderate, Unreviewed. CVE-2025-56254 was published Sep 2, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Akinsoft ProKuafor allows...
Moderate, Unreviewed. CVE-2025-0670 was published Sep 2, 2025

An Insecure Direct Object Reference (IDOR) vulnerability in Reolink v4.54.0.4.20250526 allows...
Moderate, Unreviewed. CVE-2025-55621 was published Aug 22, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Equalize Digital Accessibility...
Moderate, Unreviewed. CVE-2025-57886 was published Aug 22, 2025

Liferay Portal Vulnerable to Insecure Direct Object Reference
Moderate. CVE-2025-43732 was published for com.liferay:com.liferay.roles.selector.web (Maven) Aug 18, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Stylemix Motors allows...
Moderate, Unreviewed. CVE-2025-54691 was published Aug 14, 2025

An issue has been discovered in GitLab EE affecting all versions from 18.0 prior to 18.0.6, 18.1...
Moderate, Unreviewed. CVE-2025-8770 was published Aug 13, 2025

ServiceNow has addressed a Broken Access Control vulnerability that was identified in the...
Moderate, Unreviewed. CVE-2025-3089 was published Aug 12, 2025

IBM Cloud Pak for Business Automation 24.0.0 through 24.0.0 IF005 and 24.0.1 through 24.0.1 IF002...
Moderate, Unreviewed. CVE-2025-36023 was published Aug 8, 2025

An Insecure Direct Object Reference (IDOR) in Sage DPW v2024_12_004 and below allows unauthorized...
Moderate, Unreviewed. CVE-2025-51533 was published Aug 7, 2025

An Insecure Direct Object Reference (IDOR) vulnerability was discovered in SOGo Webmail thru 5.6...
Moderate, Unreviewed. CVE-2025-50340 was published Aug 4, 2025

Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows...
Moderate, Unreviewed. CVE-2025-51479 was published Jul 22, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru...
Moderate, Unreviewed. CVE-2025-51867 was published Jul 22, 2025

Powermail extension for TYPO3 allows Insecure Direct Object Reference
Moderate. CVE-2025-7899 was published for in2code/powermail (Composer) Jul 22, 2025

Femanager extension for TYPO3 allows Insecure Direct Object Reference
Moderate. CVE-2025-7900 was published for in2code/femanager (Composer) Jul 22, 2025

A vulnerability classified as critical has been found in jshERP up to 3.5. Affected is an unknown...
Moderate, Unreviewed. CVE-2025-7947 was published Jul 22, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam...
Moderate, Unreviewed. CVE-2025-2301 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows...
Moderate, Unreviewed. CVE-2025-5681 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER...
Moderate, Unreviewed. CVE-2024-13175 was published Jul 18, 2025

Indico vulnerability allows attackers to bulk dump user details
Moderate. CVE-2025-53640 was published for indico (pip) Jul 14, 2025

A vulnerability, which was classified as critical, has been found in Intelbras InControl 2.21.60...
Moderate, Unreviewed. CVE-2025-6765 was published Jun 27, 2025

PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object...
Moderate, Unreviewed. CVE-2025-50693 was published Jun 26, 2025

Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments...
Moderate, Unreviewed. CVE-2025-49995 was published Jun 20, 2025

Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch allows...
Moderate, Unreviewed. CVE-2025-49978 was published Jun 20, 2025