GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,997
Composer 5,075
Erlang 39
GitHub Actions 38
Go 2,744
Maven 6,162
npm 4,341
NuGet 765
pip 4,113
Pub 12
RubyGems 960
Rust 1,069
Swift 45

Unreviewed advisories

All unreviewed 280,076

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,205 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access... Moderate Unreviewed

CVE-2025-64897 was published Dec 10, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access... High Unreviewed

CVE-2025-61811 was published Dec 10, 2025

Improper access control in Storvsp.sys Driver allows an authorized attacker to elevate privileges... High Unreviewed

CVE-2025-64673 was published Dec 9, 2025

Improper access control in Windows Camera Frame Server Monitor allows an authorized attacker to... High Unreviewed

CVE-2025-62570 was published Dec 9, 2025

An improper access control vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.4,... Low Unreviewed

CVE-2025-59923 was published Dec 9, 2025

An improper access control vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.2,... Moderate Unreviewed

CVE-2025-59810 was published Dec 9, 2025

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker... High Unreviewed

CVE-2025-62474 was published Dec 9, 2025

Improper access control in Windows Storage VSP Driver allows an authorized attacker to elevate... High Unreviewed

CVE-2025-59517 was published Dec 9, 2025

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0.1). The affected... Moderate Unreviewed

CVE-2025-40939 was published Dec 9, 2025

A weakness has been identified in Campcodes Retro Basketball Shoes Online Store 1.0. The impacted... Moderate Unreviewed

CVE-2025-14219 was published Dec 8, 2025

A flaw has been found in Verysync 微力同步 up to 2.21.3. This impacts an unknown function of the file... Moderate Unreviewed

CVE-2025-14199 was published Dec 7, 2025

A security flaw has been discovered in code-projects Employee Profile Management System 1.0.... Moderate Unreviewed

CVE-2025-14195 was published Dec 7, 2025

A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet... High Unreviewed

CVE-2025-63363 was published Dec 4, 2025

Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows... High Unreviewed

CVE-2025-57212 was published Dec 4, 2025

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows... High Unreviewed

CVE-2025-57213 was published Dec 4, 2025

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows... High Unreviewed

CVE-2025-57210 was published Dec 4, 2025

Aquarius Desktop 3.0.069 for macOS stores user authentication credentials in the local file ~... Moderate Unreviewed

CVE-2025-65841 was published Dec 3, 2025

A vulnerability was identified in ProudMuBai GoFilm 1.0.0/1.0.1. Impacted is the function... Moderate Unreviewed

CVE-2025-13949 was published Dec 3, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a... Critical Unreviewed

CVE-2025-59703 was published Dec 2, 2025

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows... High Unreviewed

CVE-2025-57489 was published Dec 1, 2025

An issue in Shirt Pocket's SuperDuper! 3.10 and earlier allow a local attacker to modify the... High Unreviewed

CVE-2025-61229 was published Dec 1, 2025

A weakness has been identified in moxi159753 Mogu Blog v2 up to 5.2. The affected element is an... Moderate Unreviewed

CVE-2025-13815 was published Dec 1, 2025

An unauthenticated administrative access vulnerability exists in the open-source HashTech project... Critical Unreviewed

CVE-2025-65276 was published Nov 26, 2025

Ruoyi v4.8.0 vulnerable to Incorrect Access Control. There is a missing checkUserDataScope... High Unreviewed

CVE-2025-46174 was published Nov 26, 2025

Incorrect access control in the getSubUsersByProvider function of OpenCode Systems USSD Gateway... Moderate Unreviewed

CVE-2025-65238 was published Nov 26, 2025

Previous1…129 Next

Previous 1 2 3 4 5 … 128 129 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,205 advisories