Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,622 advisories

Loading
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level... Moderate Unreviewed
CVE-2025-56499 was published Nov 18, 2025
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access... Critical Unreviewed
CVE-2025-63225 was published Nov 18, 2025
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session... High Unreviewed
CVE-2025-63219 was published Nov 19, 2025
The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63218 was published Nov 19, 2025
The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63223 was published Nov 19, 2025
An issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6... Moderate Unreviewed
CVE-2025-63214 was published Nov 19, 2025
A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this... Moderate Unreviewed
CVE-2025-13411 was published Nov 19, 2025
A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element... Moderate Unreviewed
CVE-2025-13423 was published Nov 20, 2025
phppgadmin contains an incorrect access control vulnerability Moderate
CVE-2025-60799 was published for phppgadmin/phppgadmin (Composer) Nov 20, 2025
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed
CVE-2025-48986 was published Nov 20, 2025
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to... Moderate Unreviewed
CVE-2025-64660 was published Nov 21, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and... Low Unreviewed
CVE-2025-31216 was published Nov 22, 2025
A weakness has been identified in ashraf-kabir travel-agency up to... Moderate Unreviewed
CVE-2025-13544 was published Nov 23, 2025
A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the... Moderate Unreviewed
CVE-2025-13574 was published Nov 24, 2025
A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This... Moderate Unreviewed
CVE-2025-13573 was published Nov 24, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... High Unreviewed
CVE-2025-54338 was published Nov 25, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... High Unreviewed
CVE-2025-54563 was published Nov 25, 2025
Primakon Pi Portal 1.0.18 REST /api/v2/user/register endpoint suffers from a Broken Access... High Unreviewed
CVE-2025-64066 was published Nov 25, 2025
Primakon Pi Portal 1.0.18 /api/v2/pp_users endpoint fails to adequately check user permissions... High Unreviewed
CVE-2025-64064 was published Nov 25, 2025
Better Auth Passkey Plugin allows passkey deletion through IDOR High
GHSA-4vcf-q4xf-f48m was published for @better-auth/passkey (npm) Nov 25, 2025
goksan
Credited to goksan
OneUptime is Vulnerable to Privilege Escalation via Login Response Manipulation Moderate
CVE-2025-66028 was published for @oneuptime/common (npm) Nov 25, 2025
SamirWaleed
Credited to SamirWaleed
Incorrect access control in the /aux1/ocussd/trace endpoint of OpenCode Systems USSD Gateway OC... Moderate Unreviewed
CVE-2025-65239 was published Nov 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database