GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,896 advisories
JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication...
Critical | Unreviewed | CVE-2025-50901 was published on Aug 20, 2025
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit...
High | Unreviewed | CVE-2024-57491 was published on Aug 20, 2025
A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects...
Moderate | Unreviewed | CVE-2025-9100 was published on Aug 18, 2025
A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an...
Moderate | Unreviewed | CVE-2025-8964 was published on Aug 14, 2025
In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific...
Critical | Unreviewed | CVE-2025-51451 was published on Aug 13, 2025
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over...
High | Unreviewed | CVE-2025-53778 was published on Aug 12, 2025
Komari vulnerable to 2FA Authentication Bypass
High | GHSA-jhmr-57cj-q6g9 was published for github.com/komari-monitor/komari (Go) on Aug 12, 2025
A vulnerability has been found in WinterChenS my-site up to...
Moderate | Unreviewed | CVE-2025-8838 was published on Aug 11, 2025
@fedify/fedify has Improper Authentication and Incorrect Authorization
High | CVE-2025-54888 was published for @fedify/fedify (npm) on Aug 8, 2025
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments...
High | Unreviewed | CVE-2025-53786 was published on Aug 6, 2025
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This...
Moderate | Unreviewed | CVE-2025-8546 was published on Aug 5, 2025
A vulnerability has been found in Kehua Charging Pile Cloud Platform 1.0 and classified as...
Moderate | Unreviewed | CVE-2025-8348 was published on Jul 31, 2025
Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress...
High | Unreviewed | CVE-2025-6505 was published on Jul 29, 2025
Node-SAML SAML Signature Verification Vulnerability
Critical | CVE-2025-54419 was published for @node-saml/node-saml (npm) on Jul 28, 2025
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows...
Critical | Unreviewed | CVE-2025-45777 was published on Jul 25, 2025
Node-SAML SAML Authentication Bypass
Critical | CVE-2025-54369 was published for @node-saml/node-saml (npm) on Jul 25, 2025
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability. A token...
Low | Unreviewed | CVE-2025-0249 was published on Jul 25, 2025
A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows...
High | Unreviewed | CVE-2024-12310 was published on Jul 23, 2025
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows...
High | Unreviewed | CVE-2025-54452 was published on Jul 23, 2025
Alchemy Non-SMA and Webauthn Account Security Advisory
High | GHSA-56r6-ccm5-8hg3 was published for @account-kit/smart-contracts (npm) on Jul 21, 2025
Insufficient protection against brute-force and runtime manipulation in the local authentication...
High | Unreviewed | CVE-2025-41459 was published on Jul 21, 2025
Due to insufficient verification, an attacker could use a malicious client to bypass...
Critical | Unreviewed | CVE-2024-6107 was published on Jul 21, 2025
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft...
Moderate | Unreviewed | CVE-2025-53771 was published on Jul 21, 2025
A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical....
Moderate | Unreviewed | CVE-2025-7897 was published on Jul 20, 2025
A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This...
Moderate | Unreviewed | CVE-2025-7875 was published on Jul 20, 2025
ProTip! Advisories are also available from the GraphQL API.