GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
249 advisories

Authorization Bypass Through User-Controlled Key vulnerability in Pik Online Yazılım Çözümleri A...
High | Unreviewed | CVE-2025-5261 was published Aug 20, 2025

Authorization Bypass Through User-Controlled Key vulnerability in paymayapg Maya Business allows...
High | Unreviewed | CVE-2025-53208 was published Aug 20, 2025

Authorization Bypass Through User-Controlled Key vulnerability in ABB Aspect. This issue affects...
High | Unreviewed | CVE-2025-53189 was published Aug 11, 2025

The Eventin plugin for WordPress is vulnerable to privilege escalation via account takeover in...
High | Unreviewed | CVE-2025-4796 was published Aug 8, 2025

CWE-639 Authorization Bypass Through User-Controlled Key
High | Unreviewed | CVE-2025-46387 was published Aug 6, 2025

CWE-639 Authorization Bypass Through User-Controlled Key
High | Unreviewed | CVE-2025-46386 was published Aug 6, 2025

Insecure Direct Object Reference (IDOR) vulnerability in PdfHandler component in Agenzia Impresa...
High | Unreviewed | CVE-2025-51628 was published Aug 5, 2025

CS Cart 4.18.3 is vulnerable to Insecure Direct Object Reference (IDOR). The user profile...
High | Unreviewed | CVE-2025-50849 was published Jul 31, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High | Unreviewed | CVE-2025-52447 was published Jul 25, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High | Unreviewed | CVE-2025-52448 was published Jul 25, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on...
High | Unreviewed | CVE-2025-52446 was published Jul 25, 2025

Ai2 playground web service (playground.allenai.org) LLM chat through 2025-06-03 is vulnerable to...
High | Unreviewed | CVE-2025-51865 was published Jul 22, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Liner thru 2025-06-03 allows attackers...
High | Unreviewed | CVE-2025-51869 was published Jul 21, 2025

Insecure Direct Object Reference (IDOR) vulnerability in Dippy (chat.dippy.ai) v2 allows...
High | Unreviewed | CVE-2025-51868 was published Jul 21, 2025

An authorization bypass vulnerability exists in ETQ Reliance (legacy CG and NXG SaaS platforms)....
High | Unreviewed | CVE-2025-34140 was published Jul 22, 2025

Authorization Bypass Through User-Controlled Key vulnerability in PAVO Inc. PAVO Pay allows...
High | Unreviewed | CVE-2025-4129 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Turpak Automatic Station...
High | Unreviewed | CVE-2025-4040 was published Jul 21, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows...
High | Unreviewed | CVE-2025-1469 was published Jul 21, 2025

An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi...
High | Unreviewed | CVE-2024-12048 was published Mar 20, 2025

An improper access control vulnerability (IDOR) exists in the delete attachments functionality of...
High | Unreviewed | CVE-2024-10366 was published Mar 20, 2025

The Download Manager and Payment Form WordPress Plugin – WP SmartPay plugin for WordPress is...
High | Unreviewed | CVE-2025-3848 was published Jul 2, 2025

A low-privileged remote attacker in possession of the second factor for another user can log in...
High | Unreviewed | CVE-2025-3091 was published Jun 26, 2025

The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure...
High | Unreviewed | CVE-2024-23747 was published Jan 29, 2024

The buddyboss-platform WordPress plugin before 2.7.60 lacks proper access controls and allows a...
High | Unreviewed | CVE-2024-12767 was published May 15, 2025

HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability. A...
High | Unreviewed | CVE-2023-50342 was published Jan 3, 2024