Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,675
Maven
5,000+
npm
4,297
NuGet
760
pip
4,077
Pub
12
RubyGems
957
Rust
1,058
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,617 advisories

Loading
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... High Unreviewed
CVE-2025-54563 was published Nov 25, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... High Unreviewed
CVE-2025-54338 was published Nov 25, 2025
A security flaw has been discovered in projectworlds can pass malicious payloads up to 1.0. This... Moderate Unreviewed
CVE-2025-13573 was published Nov 24, 2025
A weakness has been identified in code-projects Online Bidding System 1.0. This issue affects the... Moderate Unreviewed
CVE-2025-13574 was published Nov 24, 2025
A weakness has been identified in ashraf-kabir travel-agency up to... Moderate Unreviewed
CVE-2025-13544 was published Nov 23, 2025
The issue was addressed with improved checks. This issue is fixed in iPadOS 17.7.7, iOS 18.5 and... Low Unreviewed
CVE-2025-31216 was published Nov 22, 2025
Improper access control in GitHub Copilot and Visual Studio Code allows an authorized attacker to... Moderate Unreviewed
CVE-2025-64660 was published Nov 21, 2025
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed
CVE-2025-48986 was published Nov 20, 2025
phppgadmin contains an incorrect access control vulnerability Moderate
CVE-2025-60799 was published for phppgadmin/phppgadmin (Composer) Nov 20, 2025
A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element... Moderate Unreviewed
CVE-2025-13423 was published Nov 20, 2025
A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this... Moderate Unreviewed
CVE-2025-13411 was published Nov 19, 2025
An issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6... Moderate Unreviewed
CVE-2025-63214 was published Nov 19, 2025
The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63223 was published Nov 19, 2025
The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63218 was published Nov 19, 2025
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session... High Unreviewed
CVE-2025-63219 was published Nov 19, 2025
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level... Moderate Unreviewed
CVE-2025-56499 was published Nov 18, 2025
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access... Critical Unreviewed
CVE-2025-63225 was published Nov 18, 2025
A vulnerability in the SSH restricted shell interface of the network management services allows... High Unreviewed
CVE-2025-37155 was published Nov 18, 2025
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source... High Unreviewed
CVE-2025-41737 was published Nov 18, 2025
A security vulnerability has been detected in Iqbolshoh php-business-website up to... Moderate Unreviewed
CVE-2025-13275 was published Nov 17, 2025
A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown... Moderate Unreviewed
CVE-2025-13249 was published Nov 16, 2025
A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this... Moderate Unreviewed
CVE-2025-13238 was published Nov 16, 2025
A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown... Moderate Unreviewed
CVE-2025-13198 was published Nov 15, 2025
The Qi Blocks plugin for WordPress is vulnerable to unauthorized access due to a missing... Moderate Unreviewed
CVE-2025-12182 was published Nov 15, 2025
Directus has Improper Permission Handling on Deleted Fields Moderate
CVE-2025-64746 was published for directus (npm) Nov 14, 2025
beafn28
Credited to beafn28
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database