GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
857 advisories
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High, Unreviewed. CVE-2025-52446 was published Jul 25, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High, Unreviewed. CVE-2025-52447 was published Jul 25, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High, Unreviewed. CVE-2025-52448 was published Jul 25, 2025

Authorization bypass in update_user_group in onyx-dot-app Onyx Enterprise Edition 0.27.0 allows...
Moderate, Unreviewed. CVE-2025-51479 was published Jul 22, 2025

Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to...
High, Unreviewed. CVE-2025-51865 was published Jul 22, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Deepfiction AI (deepfiction.ai) thru...
Moderate, Unreviewed. CVE-2025-51867 was published Jul 22, 2025

An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms)....
High, Unreviewed. CVE-2025-34140 was published Jul 22, 2025

Powermail extension for TYPO3 allows Insecure Direct Object Reference
Moderate. CVE-2025-7899 was published for in2code/powermail (Composer) Jul 22, 2025

Femanager extension for TYPO3 allows Insecure Direct Object Reference
Moderate. CVE-2025-7900 was published for in2code/femanager (Composer) Jul 22, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Dippy (chat.dippy.ai) v2 allows...
High, Unreviewed. CVE-2025-51868 was published Jul 21, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Liner thru 2025-06-03 allows attackers...
High, Unreviewed. CVE-2025-51869 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in PAVO Inc. PAVO Pay allows...
High, Unreviewed. CVE-2025-4129 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station...
High, Unreviewed. CVE-2025-4040 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows...
Moderate, Unreviewed. CVE-2025-5681 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam...
Moderate, Unreviewed. CVE-2025-2301 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows...
High, Unreviewed. CVE-2025-1469 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Vidco Software VOC TESTER...
Moderate, Unreviewed. CVE-2024-13175 was published Jul 18, 2025

Indico vulnerability allows attackers to bulk dump user details
Moderate. CVE-2025-53640 was published for indico (pip) Jul 14, 2025

The Support Board plugin for WordPress is vulnerable to unauthorized access/modification/deletion...
Critical, Unreviewed. CVE-2025-4855 was published Jul 9, 2025

The distributed engine of Secret Server versions 11.7.49 and earlier can be exploited during an...
Low, Unreviewed. CVE-2025-6942 was published Jul 2, 2025

The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is...
High, Unreviewed. CVE-2025-3848 was published Jul 2, 2025

PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Insecure Direct Object...
Moderate, Unreviewed. CVE-2025-50693 was published Jun 26, 2025

A low privileged remote attacker in possession of the second factor for another user can login...
High, Unreviewed. CVE-2025-3091 was published Jun 26, 2025

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus...
Low, Unreviewed. CVE-2025-6534 was published Jun 26, 2025

Authorization Bypass Through User-Controlled Key vulnerability in dFactory Download Attachments...
Moderate, Unreviewed. CVE-2025-49995 was published Jun 20, 2025