Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,737
Maven
5,000+
npm
4,337
NuGet
764
pip
4,112
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,750 advisories

Loading
Incorrect access control in mihomo v1.19.11 allows authenticated attackers with low-level... Moderate Unreviewed
CVE-2025-56499 was published Nov 18, 2025
A security vulnerability has been detected in Iqbolshoh php-business-website up to... Moderate Unreviewed
CVE-2025-13275 was published Nov 17, 2025
A security vulnerability has been detected in Jiusi OA up to 20251102. This affects an unknown... Moderate Unreviewed
CVE-2025-13249 was published Nov 16, 2025
A weakness has been identified in Bdtask Flight Booking Software 4. Affected by this... Moderate Unreviewed
CVE-2025-13238 was published Nov 16, 2025
A vulnerability has been found in DouPHP up to 1.8 Release 20251022. This impacts an unknown... Moderate Unreviewed
CVE-2025-13198 was published Nov 15, 2025
The Qi Blocks plugin for WordPress is vulnerable to unauthorized access due to a missing... Moderate Unreviewed
CVE-2025-12182 was published Nov 15, 2025
Directus has Improper Permission Handling on Deleted Fields Moderate
CVE-2025-64746 was published for directus (npm) Nov 14, 2025
beafn28
Credited to beafn28
A security flaw has been discovered in Bdtask/CodeCanyon News365 up to 7.0.3. This affects an... Moderate Unreviewed
CVE-2025-13185 was published Nov 14, 2025
A weakness has been identified in SimStudioAI sim up to ed9b9ad83f1a7c61f4392787fb51837d34eeb0af.... Moderate Unreviewed
CVE-2025-9800 was published Nov 14, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... Moderate Unreviewed
CVE-2025-54561 was published Nov 14, 2025
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain an Improper Access... Moderate Unreviewed
CVE-2025-46362 was published Nov 13, 2025
Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue 1 of 3. Moderate Unreviewed
CVE-2025-47220 was published Nov 13, 2025
Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue 3 of 3. Moderate Unreviewed
CVE-2025-47222 was published Nov 13, 2025
Keyfactor SignServer before 7.3.1 has Incorrect Access Control, issue 2 of 3. Moderate Unreviewed
CVE-2025-47221 was published Nov 13, 2025
A vulnerability was detected in itsourcecode Online Voting System 1.0. This impacts an unknown... Moderate Unreviewed
CVE-2025-13061 was published Nov 12, 2025
Improper access control in Microsoft Configuration Manager allows an authorized attacker to... Moderate Unreviewed
CVE-2025-47179 was published Nov 11, 2025
Improper access control for some SigTest before version 6.1.10 within Ring 3: User Applications... Moderate Unreviewed
CVE-2025-22391 was published Nov 11, 2025
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within... Moderate Unreviewed
CVE-2025-24516 was published Nov 11, 2025
BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP... Moderate Unreviewed
CVE-2025-60876 was published Nov 10, 2025
A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by... Moderate Unreviewed
CVE-2025-12862 was published Nov 7, 2025
There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit... Moderate Unreviewed
CVE-2025-63686 was published Nov 7, 2025
Improper access control in Devolutions Server 2025.3.5.0 and earlier allows a View-only user to... Moderate Unreviewed
CVE-2025-12808 was published Nov 6, 2025
A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to... Moderate Unreviewed
CVE-2025-60784 was published Nov 5, 2025
This issue was addressed by restricting options offered on a locked device. This issue is fixed... Moderate Unreviewed
CVE-2025-43418 was published Nov 5, 2025
Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode Moderate
CVE-2025-58337 was published for doris-mcp-server (pip) Nov 5, 2025
lirantal
Credited to lirantal
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database