Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,670
Maven
5,000+
npm
4,296
NuGet
760
pip
4,075
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,341 advisories

Loading
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed
CVE-2025-48986 was published Nov 20, 2025
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session... High Unreviewed
CVE-2025-63219 was published Nov 19, 2025
A vulnerability in the SSH restricted shell interface of the network management services allows... High Unreviewed
CVE-2025-37155 was published Nov 18, 2025
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source... High Unreviewed
CVE-2025-41737 was published Nov 18, 2025
@apollo/composition has Improper Enforcement of Access Control on Interface Types and Fields High
CVE-2025-64530 was published for @apollo/composition (npm) Nov 14, 2025
The issue was addressed by refusing external connections by default. This issue is fixed in... High Unreviewed
CVE-2025-43515 was published Nov 13, 2025
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote... High Unreviewed
CVE-2025-20341 was published Nov 13, 2025
Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10... High Unreviewed
CVE-2025-63667 was published Nov 12, 2025
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized... High Unreviewed
CVE-2025-60705 was published Nov 11, 2025
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized... High Unreviewed
CVE-2025-59512 was published Nov 11, 2025
An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my... High Unreviewed
CVE-2025-27919 was published Nov 6, 2025
Apollo Router Improperly Enforces Renamed Access Control Directives High
CVE-2025-64347 was published for apollo-router (Rust) Nov 6, 2025
sachindshinde
Credited to sachindshinde
An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6... High Unreviewed
CVE-2025-57130 was published Nov 5, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43476 was published Nov 4, 2025
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43502 was published Nov 4, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1... High Unreviewed
CVE-2025-43450 was published Nov 4, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43454 was published Nov 4, 2025
An access issue was addressed with additional sandbox restrictions. This issue is fixed in... High Unreviewed
CVE-2025-43413 was published Nov 4, 2025
This issue was addressed with improved entitlements. This issue is fixed in visionOS 26.1, macOS... High Unreviewed
CVE-2025-43407 was published Nov 4, 2025
When passing through PCI devices, the detach logic in libxl won't remove access permissions to... High Unreviewed
CVE-2025-58149 was published Oct 31, 2025
Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 was discovered to store... High Unreviewed
CVE-2025-63423 was published Oct 30, 2025
Incorrect access control in the Web management interface in Each Italy Wireless Mini Router... High Unreviewed
CVE-2025-63422 was published Oct 30, 2025
Kanova Android App version 1.0.27 (package name com.karelane), developed by Karely L.L.C.,... High Unreviewed
CVE-2025-61119 was published Oct 30, 2025
2nd Line Android App version v1.2.92 and before (package name com.mysecondline.app), developed by... High Unreviewed
CVE-2025-61114 was published Oct 30, 2025
AG Life Logger Android App version v1.0.2.72 and before (package name com.donki.healthy),... High Unreviewed
CVE-2025-61120 was published Oct 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database