Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,654 advisories

Loading
Tenda AC15 v15.03.05.18_multi) issues an authentication cookie that exposes the account password... Critical Unreviewed
CVE-2025-63666 was published Nov 12, 2025
Incorrect access control in SIMICAM v1.16.41-20250725, KEVIEW v1.14.92-20241120, ASECAM v1.14.10... High Unreviewed
CVE-2025-63667 was published Nov 12, 2025
Improper access control in Windows Client-Side Caching (CSC) Service allows an authorized... High Unreviewed
CVE-2025-60705 was published Nov 11, 2025
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized... High Unreviewed
CVE-2025-59512 was published Nov 11, 2025
Improper access control in Microsoft Configuration Manager allows an authorized attacker to... Moderate Unreviewed
CVE-2025-47179 was published Nov 11, 2025
Improper access control for some Intel(R) PresentMon before version 2.3.1 within Ring 3: User... Low Unreviewed
CVE-2025-32037 was published Nov 11, 2025
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within... Moderate Unreviewed
CVE-2025-24516 was published Nov 11, 2025
Improper access control for some SigTest before version 6.1.10 within Ring 3: User Applications... Moderate Unreviewed
CVE-2025-22391 was published Nov 11, 2025
Improper access control for some Intel(R) CIP software before version WIN_DCA_2.4.0.11001 within... Low Unreviewed
CVE-2025-24314 was published Nov 11, 2025
BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP... Moderate Unreviewed
CVE-2025-60876 was published Nov 10, 2025
Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw... Critical Unreviewed
CVE-2025-12480 was published Nov 10, 2025
A vulnerability was identified in projectworlds Online Notes Sharing Platform 1.0. Affected by... Moderate Unreviewed
CVE-2025-12862 was published Nov 7, 2025
There is an arbitrary file download vulnerability in GuoMinJim PersonManage thru commit... Moderate Unreviewed
CVE-2025-63686 was published Nov 7, 2025
An issue was discovered in AnyDesk through 9.0.4. A remotely connected user with the "Control my... High Unreviewed
CVE-2025-27919 was published Nov 6, 2025
Improper access control in Devolutions Server 2025.3.5.0 and earlier allows a View-only user to... Moderate Unreviewed
CVE-2025-12808 was published Nov 6, 2025
Apollo Router Improperly Enforces Renamed Access Control Directives High
CVE-2025-64347 was published for apollo-router (Rust) Nov 6, 2025
sachindshinde
Credited to sachindshinde
A vulnerability in the XiaozhangBang Voluntary Like System V8.8 allows remote attackers to... Moderate Unreviewed
CVE-2025-60784 was published Nov 5, 2025
This issue was addressed by restricting options offered on a locked device. This issue is fixed... Moderate Unreviewed
CVE-2025-43418 was published Nov 5, 2025
An Incorrect Access Control vulnerability in the user management component of ZwiiCMS up to v13.6... High Unreviewed
CVE-2025-57130 was published Nov 5, 2025
Apache Doris-MCP-Server: Improper Access Control results in bypassing a "read-only" mode Moderate
CVE-2025-58337 was published for doris-mcp-server (pip) Nov 5, 2025
lirantal
Credited to lirantal
This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2025-43499 was published Nov 4, 2025
An authorization issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed
CVE-2025-43498 was published Nov 4, 2025
A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43502 was published Nov 4, 2025
A logic issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1... High Unreviewed
CVE-2025-43450 was published Nov 4, 2025
This issue was addressed through improved state management. This issue is fixed in iOS 26.1 and... High Unreviewed
CVE-2025-43454 was published Nov 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database