GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

            968 advisories

A vulnerability has been identified in SiPass integrated (All versions < V3.0). Affected server...
Moderate (Unreviewed): CVE-2025-40773 was published Oct 14, 2025

Liferay is Vulnerable to Authorization Bypass Through User-Controlled Key
Moderate: CVE-2025-62252 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Oct 13, 2025

Liferay Account Admin Web vulnerable to Authorization Bypass Through User-Controlled Key
Moderate: CVE-2025-62242 was published for com.liferay:com.liferay.change.tracking.web (Maven) Oct 13, 2025

Liferay Commerce Order Content Web is Vulnerable to Authorization Bypass Through User-Controlled Key
Moderate: CVE-2025-62241 was published for com.liferay.commerce:com.liferay.commerce.order.content.web (Maven) Oct 13, 2025

Liferay Publications vulnerable to Authorization Bypass Through User-Controlled Key
Moderate: CVE-2025-62244 was published for com.liferay:com.liferay.change.tracking.web (Maven) Oct 13, 2025

Authorization Bypass Through User-Controlled Key vulnerability in AKIN Software Computer Import...
High (Unreviewed): CVE-2025-9902 was published Oct 13, 2025

HCL Unica Centralized Offer Management is vulnerable to Insecure Direct Object References (IDOR)....
Moderate (Unreviewed): CVE-2025-31997 was published Oct 12, 2025

The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to Insecure Direct...
Moderate (Unreviewed): CVE-2025-11518 was published Oct 11, 2025

The Lisfinity Core - Lisfinity Core plugin used for pebas® Lisfinity WordPress theme plugin for...
High (Unreviewed): CVE-2025-6038 was published Oct 9, 2025

Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authorization bypass through user...
Moderate (Unreviewed): CVE-2025-43724 was published Oct 8, 2025

Insecure Direct Object Reference (IDOR) in Negotiator v3.15.2 from Biobanking and Biomolecular...
Moderate (Unreviewed): CVE-2025-40676 was published Oct 7, 2025

Authorization Bypass Through User-Controlled Key vulnerability in Logo Software Inc. Logo Cloud...
Moderate (Unreviewed): CVE-2025-0606 was published Oct 6, 2025

Use of Hard-coded Credentials, Authorization Bypass Through User-Controlled Key vulnerability in...
Moderate (Unreviewed): CVE-2025-0642 was published Oct 2, 2025

IMPAQTR Aurora before 1.36 allows Insecure Direct Object Reference attacks against the users list...
Moderate (Unreviewed): CVE-2025-59687 was published Oct 1, 2025

Liferay Portal Vulnerable to IDOR via audit events
Moderate: CVE-2025-43827 was published for com.liferay:com.liferay.portal.security.audit.storage.service (Maven) Sep 30, 2025

An Insecure Direct Object Reference (IDOR) in the /dashboard/notes endpoint of Syaqui...
High (Unreviewed): CVE-2025-56392 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41091 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41092 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41093 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41095 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41094 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41096 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41098 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41097 was published Sep 30, 2025

Insecure Direct Object Reference (IDOR) vulnerability in BOLD Workplanner in versions prior to 2...
High (Unreviewed): CVE-2025-41099 was published Sep 30, 2025

ProTip! Advisories are also available from the GraphQL API