Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,825
Erlang
36
GitHub Actions
32
Go
2,417
Maven
5,000+
npm
4,054
NuGet
723
pip
3,845
Pub
12
RubyGems
933
Rust
1,005
Swift
38
Unreviewed advisories
All unreviewed
5,000+

337 advisories

Loading
OpenFGA Authorization Bypass Moderate
CVE-2025-48371 was published for github.com/openfga/openfga (Go) May 23, 2025
udyvish
A vulnerability has been found in Summer Pearl Group Vacation Rental Management Platform up to 1... Moderate Unreviewed
CVE-2025-5182 was published May 26, 2025
Grafana's datasource proxy API allows authorization checks to be bypassed Moderate
CVE-2025-3454 was published for github.com/grafana/grafana (Go) Jun 2, 2025
A vulnerability was found in ScriptAndTools Real Estate Management System 1.0. It has been rated... Moderate Unreviewed
CVE-2025-6329 was published Jun 20, 2025
When a link can be opened in an external application, Firefox for Android will, by default,... Moderate Unreviewed
CVE-2025-6431 was published Jun 26, 2025
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE)... Moderate Unreviewed
CVE-2025-20264 was published Jun 26, 2025
Secure-upload is a data submission service that validates single-use tokens when accepting... Moderate Unreviewed
CVE-2025-53709 was published Jul 10, 2025
Directus' insufficient permission checks can enable unauthenticated users to manually trigger Flows Moderate
CVE-2025-53889 was published for directus (npm) Jul 15, 2025
licitdev
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web... Moderate Unreviewed
CVE-2025-50073 was published Jul 15, 2025
A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-7938 was published Jul 21, 2025
OAuth2-Proxy's `--gitlab-group` GitLab Group Authorization config flag stopped working in v7.0.0 Moderate
CVE-2021-21411 was published for github.com/oauth2-proxy/oauth2-proxy/v7 (Go) Jul 30, 2025
bohrasd
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8401 was published Jul 31, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database