Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,336
NuGet
764
pip
4,111
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,662 advisories

Loading
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed
CVE-2025-48986 was published Nov 20, 2025
phppgadmin contains an incorrect access control vulnerability Moderate
CVE-2025-60799 was published for phppgadmin/phppgadmin (Composer) Nov 20, 2025
A flaw has been found in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted element... Moderate Unreviewed
CVE-2025-13423 was published Nov 20, 2025
A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. Affected by this... Moderate Unreviewed
CVE-2025-13411 was published Nov 19, 2025
An issue was discovered in bridgetech VBC Server & Element Manager, firmware version 6.5.0-10 , 6... Moderate Unreviewed
CVE-2025-63214 was published Nov 19, 2025
The Axel Technology StreamerMAX MK II devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63223 was published Nov 19, 2025
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session... High Unreviewed
CVE-2025-63219 was published Nov 19, 2025
The Axel Technology WOLF1MS and WOLF2MS devices (firmware versions 0.8.5 to 1.0.3) are vulnerable... Critical Unreviewed
CVE-2025-63218 was published Nov 19, 2025
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access... Critical Unreviewed
CVE-2025-63225 was published Nov 18, 2025
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level... Moderate Unreviewed
CVE-2025-56499 was published Nov 18, 2025
A vulnerability in the SSH restricted shell interface of the network management services allows... High Unreviewed
CVE-2025-37155 was published Nov 18, 2025
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source... High Unreviewed
CVE-2025-41737 was published Nov 18, 2025
A security vulnerability has been detected in Iqbolshoh php-business-website up to... Moderate Unreviewed
CVE-2025-13275 was published Nov 17, 2025
A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown... Moderate Unreviewed
CVE-2025-13249 was published Nov 16, 2025
A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this... Moderate Unreviewed
CVE-2025-13238 was published Nov 16, 2025
A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown... Moderate Unreviewed
CVE-2025-13198 was published Nov 15, 2025
The Qi Blocks plugin for WordPress is vulnerable to unauthorized access due to a missing... Moderate Unreviewed
CVE-2025-12182 was published Nov 15, 2025
Directus has Improper Permission Handling on Deleted Fields Moderate
CVE-2025-64746 was published for directus (npm) Nov 14, 2025
beafn28
Credited to beafn28
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an... Moderate Unreviewed
CVE-2025-13185 was published Nov 14, 2025
A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af.... Moderate Unreviewed
CVE-2025-9800 was published Nov 14, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Moderate Unreviewed
CVE-2025-54561 was published Nov 14, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed
CVE-2025-54343 was published Nov 14, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed
CVE-2025-54339 was published Nov 14, 2025
@apollo/composition has Improper Enforcement of Access Control on Interface Types and Fields High
CVE-2025-64530 was published for @apollo/composition (npm) Nov 14, 2025
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access... Moderate Unreviewed
CVE-2025-46362 was published Nov 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database