GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,935
Composer 5,069
Erlang 39
GitHub Actions 38
Go 2,726
Maven 6,143
npm 4,331
NuGet 763
pip 4,107
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,299

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,654 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows... High Unreviewed

CVE-2025-65797 was published Dec 8, 2025

WildFly improper RBAC permission Moderate

CVE-2025-23367 was published for org.wildfly.core:wildfly-server (Maven) Jan 31, 2025

Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows... High Unreviewed

CVE-2025-65795 was published Dec 8, 2025

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to... Moderate Unreviewed

CVE-2025-65796 was published Dec 8, 2025

Incorrect access control in usememos memos v0.25.2 allows attackers with low-level privileges to... Moderate Unreviewed

CVE-2025-65798 was published Dec 8, 2025

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the... High Unreviewed

CVE-2025-61229 was published Dec 1, 2025

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the... Moderate Unreviewed

CVE-2025-12331 was published Oct 28, 2025

A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted... Moderate Unreviewed

CVE-2025-14219 was published Dec 8, 2025

A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file... Moderate Unreviewed

CVE-2025-14199 was published Dec 7, 2025

A security flaw has been discovered in code-projects Employee Profile Management System 1.0.... Moderate Unreviewed

CVE-2025-14195 was published Dec 7, 2025

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a... Moderate Unreviewed

CVE-2024-5814 was published Aug 27, 2024

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows... High Unreviewed

CVE-2025-57210 was published Dec 4, 2025

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows... High Unreviewed

CVE-2025-57212 was published Dec 4, 2025

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows... High Unreviewed

CVE-2025-57213 was published Dec 4, 2025

A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet... High Unreviewed

CVE-2025-63363 was published Dec 4, 2025

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~... Moderate Unreviewed

CVE-2025-65841 was published Dec 3, 2025

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and... Critical Unreviewed

CVE-2025-55469 was published Nov 26, 2025

Mattermost Server allows users with a session ID to revoke another users' session Moderate

CVE-2017-18878 was published for github.com/mattermost/mattermost-server (Go) May 24, 2022

open-webui is Vulnerable to Incorrect Access Control Low

CVE-2025-63681 was published for open-webui (pip) Dec 4, 2025

An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the... High Unreviewed

CVE-2025-56396 was published Nov 26, 2025

Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed

CVE-2025-46174 was published Nov 26, 2025

Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed

CVE-2025-46175 was published Nov 26, 2025

A weakness has been identified in ashraf-kabir travel-agency up to... Moderate Unreviewed

CVE-2025-13544 was published Nov 23, 2025

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway... Moderate Unreviewed

CVE-2025-65238 was published Nov 26, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... Critical Unreviewed

CVE-2025-59703 was published Dec 2, 2025

Previous1…147 Next

Previous 1 2 3 4 5 … 146 147 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,654 advisories