GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,410 advisories
phpMyFAQ duplicate email registration allows multiple accounts with the same email
High | CVE-2025-59943 was published for thorsten/phpmyfaq (Composer) | Oct 3, 2025

In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions...
Moderate | Unreviewed | CVE-2025-20366 was published | Oct 1, 2025

IBM Transformation Extender Advanced 10.0.1 could allow a local user to perform unauthorized...
Moderate | Unreviewed | CVE-2023-50300 was published | Oct 1, 2025

DX Unified Infrastructure Management (Nimsoft/UIM) and below contains an improper ACL handling...
High | Unreviewed | CVE-2025-10847 was published | Oct 1, 2025

FormCMS has an improper access control vulnerability in the /api/schemas/history/[schemaId] endpoint
Moderate | CVE-2025-55797 was published for FormCMS (NuGet) | Sep 30, 2025

The SmartCrawl SEO checker, analyzer & optimizer plugin for WordPress is vulnerable to...
Moderate | Unreviewed | CVE-2025-11163 was published | Sep 30, 2025

An issue was discovered in file AssistantController.java in ThriveX Blogging Framework 2.5.9 thru...
Critical | Unreviewed | CVE-2025-57266 was published | Sep 29, 2025

In the Payeer Android application 2.5.0, an improper access control vulnerability exists in the...
Moderate | Unreviewed | CVE-2025-57197 was published | Sep 29, 2025

IBM License Metric Tool 9.2.0 through 9.2.40 could allow an authenticated user to bypass access...
Moderate | Unreviewed | CVE-2025-36351 was published | Sep 29, 2025

A flaw has been found in YiFang CMS up to 2.0.2. The impacted element is the function webUploader...
Moderate | Unreviewed | CVE-2025-11136 was published | Sep 29, 2025

A security vulnerability has been detected in Projectworlds Online Tours and Travels 1.0....
Moderate | Unreviewed | CVE-2025-11103 was published | Sep 28, 2025

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this...
Moderate | Unreviewed | CVE-2025-11078 was published | Sep 27, 2025

An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication...
High | Unreviewed | CVE-2025-48707 was published | Sep 25, 2025

This vulnerability exists in the Syrotech SY-GPON-2010-WADONT router due to improper access...
High | Unreviewed | CVE-2025-10957 was published | Sep 25, 2025

A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco...
Moderate | Unreviewed | CVE-2025-20316 was published | Sep 24, 2025

A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge...
Moderate | Unreviewed | CVE-2025-20339 was published | Sep 24, 2025

danny-avila/librechat is affected by an authorization bypass vulnerability due to improper access...
Moderate | Unreviewed | CVE-2025-7106 was published | Sep 23, 2025

A flaw was found in the Lightspeed history service. Insufficient access controls allow a local,...
High | Unreviewed | CVE-2025-5962 was published | Sep 22, 2025

A security vulnerability has been detected in Selleo Mentingo up to 2025.08.27. The affected...
Moderate | Unreviewed | CVE-2025-10741 was published | Sep 22, 2025

A vulnerability was detected in Selleo Mentingo 2025.08.27. The impacted element is an unknown...
Moderate | Unreviewed | CVE-2025-10755 was published | Sep 22, 2025

A vulnerability was determined in academico-sis academico up to...
Moderate | Unreviewed | CVE-2025-10763 was published | Sep 22, 2025

The 2wcom IP-4c 2.15.5 device suffers from a Broken Access Control vulnerability. Certain...
Moderate | Unreviewed | CVE-2025-57438 was published | Sep 22, 2025

A vulnerability was detected in Airsonic-Advanced up to 10.6.0. This vulnerability affects...
Moderate | Unreviewed | CVE-2025-10669 was published | Sep 18, 2025

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker...
High | Unreviewed | CVE-2025-23329 was published | Sep 18, 2025

A vulnerability was identified in itsourcecode E-Commerce Website 1.0. This impacts an unknown...
Moderate | Unreviewed | CVE-2025-10615 was published | Sep 17, 2025