GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
136 advisories
A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/...
Moderate
Unreviewed
CVE-2025-11280
was published
Oct 5, 2025
Profession Fit 5.0.99 Build 44910 allows authorization bypass via a direct request for /api...
Moderate
Unreviewed
CVE-2025-59797
was published
Sep 22, 2025
A vulnerability has been found in roncoo roncoo-pay up to...
Low
Unreviewed
CVE-2025-10287
was published
Sep 12, 2025
AIML Solutions for HCL SX is vulnerable to a URL validation vulnerability. The issue may allow...
Moderate
Unreviewed
CVE-2025-31971
was published
Aug 28, 2025
In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access a project's issue endpoint...
Moderate
Unreviewed
CVE-2025-53073
was published
Jun 26, 2025
Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If...
Moderate
Unreviewed
CVE-2025-41404
was published
Jun 26, 2025
Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR) at multiple places within...
Moderate
Unreviewed
CVE-2025-52920
was published
Jun 23, 2025
A vulnerability classified as problematic has been found in code-projects Automated Voting System...
Moderate
Unreviewed
CVE-2025-6352
was published
Jun 20, 2025
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct...
Moderate
Unreviewed
CVE-2025-46690
was published
Apr 28, 2025
NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users...
Moderate
Unreviewed
CVE-2025-27581
was published
Apr 24, 2025
An unauthenticated remote attacker can bypass the user management in CODESYS Visualization and...
Moderate
Unreviewed
CVE-2025-2595
was published
Apr 23, 2025
The Oz Forensics face recognition application before 4.0.8 late 2023 allows PII retrieval via ...
High
Unreviewed
CVE-2025-32367
was published
Apr 11, 2025
Direct request ('Forced Browsing') issue exists in CHOCO TEI WATCHER mini (IB-MCT001) all...
Critical
Unreviewed
CVE-2025-26689
was published
Mar 31, 2025
Improper permission control vulnerability in the OXARI ServiceDesk application could allow an...
Critical
Unreviewed
CVE-2025-1542
was published
Mar 26, 2025
A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital...
Moderate
Unreviewed
CVE-2025-2147
was published
Mar 10, 2025
Grocy through 4.3.0 allows remote attackers to obtain sensitive information via direct requests...
Moderate
Unreviewed
CVE-2024-55075
was published
Jan 6, 2025
A vulnerability classified as problematic has been found in ZKTeco ZKBio Time 9.0.1. Affected is...
Moderate
Unreviewed
CVE-2024-11049
was published
Nov 10, 2024
Direct Request ('Forced Browsing') vulnerability in Apache OFBiz. This issue affects Apache...
High
Unreviewed
CVE-2024-45195
was published
Sep 4, 2024
A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been...
Moderate
Unreviewed
CVE-2024-7753
was published
Aug 14, 2024
An improper authentication vulnerability affecting Vonets industrial wifi bridge relays...
Moderate
Unreviewed
CVE-2024-42001
was published
Aug 12, 2024
A compromised HMS Networks Cosy+ device could be used to request a Certificate Signing Request...
Critical
Unreviewed
CVE-2024-33897
was published
Aug 6, 2024
A vulnerability classified as problematic has been found in Netgear WN604 up to 20240719....
Moderate
Unreviewed
CVE-2024-7153
was published
Jul 28, 2024
A vulnerability was found in SourceCodester Insurance Management System 1.0. It has been declared...
Moderate
Unreviewed
CVE-2024-7080
was published
Jul 24, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39867
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1)....
High
Unreviewed
CVE-2024-39868
was published
Jul 9, 2024
ProTip! Advisories are also available from the GraphQL API.