Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

491 advisories

Loading
Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper... Moderate Unreviewed
CVE-2025-8532 was published Sep 19, 2025
Permission verification vulnerability in the media library module Impact: Successful exploitation... Moderate Unreviewed
CVE-2024-57954 was published Feb 6, 2025
Access permission verification vulnerability in the Notepad module Impact: Successful... Low Unreviewed
CVE-2024-42036 was published Aug 8, 2024
Access permission verification vulnerability in the Contacts module Impact: Successful... Moderate Unreviewed
CVE-2024-42032 was published Aug 8, 2024
Access control vulnerability in the SystemUI module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-42039 was published Sep 4, 2024
Permission control vulnerability in the clipboard module Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-51525 was published Nov 5, 2024
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8. An... Moderate Unreviewed
CVE-2025-43231 was published Sep 16, 2025
An authorization issue was addressed with improved state management. This issue is fixed in tvOS... Critical Unreviewed
CVE-2025-31255 was published Sep 16, 2025
Authorization Bypass Through User-Controlled Key, Externally Controlled Reference to a Resource... Moderate Unreviewed
CVE-2025-8057 was published Sep 16, 2025
In version 0.7.8 of danny-avila/librechat, improper authorization controls in the conversation... Moderate Unreviewed
CVE-2025-6088 was published Sep 11, 2025
In getDestinationForApp of SpaAppBridgeActivity, there is a possible cross-user file reveal due... High Unreviewed
CVE-2025-26430 was published Sep 5, 2025
A vulnerability has been found in macrozheng mall up to 1.0.3. This affects the function... Moderate Unreviewed
CVE-2025-9835 was published Sep 3, 2025
A vulnerability was found in macrozheng mall up to 1.0.3. This vulnerability affects the function... Moderate Unreviewed
CVE-2025-9836 was published Sep 3, 2025
The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to... Moderate Unreviewed
CVE-2025-8147 was published Aug 29, 2025
Improper authorization in Microsoft PC Manager allows an unauthorized attacker to elevate... Critical Unreviewed
CVE-2025-53795 was published Aug 21, 2025
The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-7221 was published Aug 21, 2025
The Icons Factory plugin for WordPress is vulnerable to Arbitrary File Deletion due to... Critical Unreviewed
CVE-2025-7778 was published Aug 15, 2025
A vulnerability, which was classified as problematic, has been found in LitmusChaos Litmus up to... Moderate Unreviewed
CVE-2025-8794 was published Aug 10, 2025
A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as... Moderate Unreviewed
CVE-2025-8789 was published Aug 10, 2025
A vulnerability was found in macrozheng mall up to 1.0.3 and classified as problematic. This... Moderate Unreviewed
CVE-2025-8755 was published Aug 9, 2025
Certain MQTT wildcards are not blocked on the CyberPower PowerPanel system, which might result... Moderate Unreviewed
CVE-2024-31409 was published May 15, 2024
Azure Portal Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-53792 was published Aug 7, 2025
The HT Mega – Absolute Addons For Elementor plugin for WordPress is vulnerable to Sensitive... Moderate Unreviewed
CVE-2025-8401 was published Jul 31, 2025
Multiple vulnerabilities in the API of Cisco DNA Center Software could allow an authenticated,... Moderate Unreviewed
CVE-2023-20182 was published May 18, 2023
A vulnerability was found in jerryshensjf JPACookieShop 蛋糕商城JPA版 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-7938 was published Jul 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database