Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,196
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,483
Pub
12
RubyGems
992
Rust
1,186
Swift
51
Unreviewed advisories
All unreviewed
5,000+

1,449 advisories

Loading
An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the... High Unreviewed
CVE-2025-56396 was published Nov 26, 2025
Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed
CVE-2025-46175 was published Nov 26, 2025
Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed
CVE-2025-46174 was published Nov 26, 2025
Better Auth Passkey Plugin allows passkey deletion through IDOR High
GHSA-4vcf-q4xf-f48m was published for @better-auth/passkey (npm) Nov 25, 2025
goksan Credited to goksan
Primakon Pi Portal 1.0.18 /api/v2/pp_users endpoint fails to adequately check user permissions... High Unreviewed
CVE-2025-64064 was published Nov 25, 2025
Primakon Pi Portal 1.0.18 REST /api/v2/user/register endpoint suffers from a Broken Access... High Unreviewed
CVE-2025-64066 was published Nov 25, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... High Unreviewed
CVE-2025-54563 was published Nov 25, 2025
An Incorrect Access Control vulnerability was found in the Application Server of Desktop Alert... High Unreviewed
CVE-2025-54338 was published Nov 25, 2025
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in... High Unreviewed
CVE-2025-48986 was published Nov 20, 2025
The ITEL ISO FM SFN Adapter (firmware ISO2 2.0.0.0, WebServer 2.0) is vulnerable to session... High Unreviewed
CVE-2025-63219 was published Nov 19, 2025
A vulnerability in the SSH restricted shell interface of the network management services allows... High Unreviewed
CVE-2025-37155 was published Nov 18, 2025
Due to webserver misconfiguration an unauthenticated remote attacker is able to read the source... High Unreviewed
CVE-2025-41737 was published Nov 18, 2025
@apollo/composition has Improper Enforcement of Access Control on Interface Types and Fields High
CVE-2025-64530 was published for @apollo/composition (npm) Nov 14, 2025
The issue was addressed by refusing external connections by default. This issue is fixed in... High Unreviewed
CVE-2025-43515 was published Nov 13, 2025
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote... High Unreviewed
CVE-2025-20341 was published Nov 13, 2025
Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10... High Unreviewed
CVE-2025-63667 was published Nov 12, 2025
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized... High Unreviewed
CVE-2025-60705 was published Nov 11, 2025
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized... High Unreviewed
CVE-2025-59512 was published Nov 11, 2025
An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my... High Unreviewed
CVE-2025-27919 was published Nov 6, 2025
Apollo Router Improperly Enforces Renamed Access Control Directives High
CVE-2025-64347 was published for apollo-router (Rust) Nov 6, 2025
sachindshinde Credited to sachindshinde
An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6... High Unreviewed
CVE-2025-57130 was published Nov 5, 2025
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43502 was published Nov 4, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43454 was published Nov 4, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1... High Unreviewed
CVE-2025-43450 was published Nov 4, 2025
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS... High Unreviewed
CVE-2025-43476 was published Nov 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database