GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,966
Composer 5,074
Erlang 39
GitHub Actions 38
Go 2,737
Maven 6,146
npm 4,337
NuGet 764
pip 4,112
Pub 12
RubyGems 960
Rust 1,068
Swift 45

Unreviewed advisories

All unreviewed 279,874

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,204 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access... Moderate Unreviewed

CVE-2025-64897 was published Dec 10, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access... High Unreviewed

CVE-2025-61811 was published Dec 10, 2025

Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to... High Unreviewed

CVE-2025-62570 was published Dec 9, 2025

Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges... High Unreviewed

CVE-2025-64673 was published Dec 9, 2025

An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.4,... Low Unreviewed

CVE-2025-59923 was published Dec 9, 2025

Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate... High Unreviewed

CVE-2025-59517 was published Dec 9, 2025

An improper access control vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2,... Moderate Unreviewed

CVE-2025-59810 was published Dec 9, 2025

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker... High Unreviewed

CVE-2025-62474 was published Dec 9, 2025

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected... Moderate Unreviewed

CVE-2025-40939 was published Dec 9, 2025

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the... High Unreviewed

CVE-2025-61229 was published Dec 1, 2025

A weakness has been identified in Willow CMS up to 1.4.0. Impacted is an unknown function of the... Moderate Unreviewed

CVE-2025-12331 was published Oct 28, 2025

A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted... Moderate Unreviewed

CVE-2025-14219 was published Dec 8, 2025

A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file... Moderate Unreviewed

CVE-2025-14199 was published Dec 7, 2025

A security flaw has been discovered in code-projects Employee Profile Management System 1.0.... Moderate Unreviewed

CVE-2025-14195 was published Dec 7, 2025

A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a... Moderate Unreviewed

CVE-2024-5814 was published Aug 27, 2024

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows... High Unreviewed

CVE-2025-57212 was published Dec 4, 2025

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows... High Unreviewed

CVE-2025-57213 was published Dec 4, 2025

A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet... High Unreviewed

CVE-2025-63363 was published Dec 4, 2025

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows... High Unreviewed

CVE-2025-57210 was published Dec 4, 2025

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~... Moderate Unreviewed

CVE-2025-65841 was published Dec 3, 2025

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and... Critical Unreviewed

CVE-2025-55469 was published Nov 26, 2025

An issue was discovered in Ruoyi 4.8.1 allowing attackers to gain escalated privileges due to the... High Unreviewed

CVE-2025-56396 was published Nov 26, 2025

Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed

CVE-2025-46174 was published Nov 26, 2025

A weakness has been identified in ashraf-kabir travel-agency up to... Moderate Unreviewed

CVE-2025-13544 was published Nov 23, 2025

Ruoyi v4.8.0 is vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed

CVE-2025-46175 was published Nov 26, 2025

Previous1…129 Next

Previous 1 2 3 4 5 … 128 129 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,204 advisories