Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,420 advisories

Loading
In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass login by sending a specific... Critical Unreviewed
CVE-2025-51451 was published Aug 13, 2025
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over... High Unreviewed
CVE-2025-53778 was published Aug 12, 2025
A vulnerability has been found in WinterChenS my-site up to... Moderate Unreviewed
CVE-2025-8838 was published Aug 11, 2025
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments... High Unreviewed
CVE-2025-53786 was published Aug 6, 2025
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This... Moderate Unreviewed
CVE-2025-8546 was published Aug 5, 2025
A vulnerability has been found in Kehua Charging Pile Cloud Platform 1.0 and classified as... Moderate Unreviewed
CVE-2025-8348 was published Jul 31, 2025
Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress... High Unreviewed
CVE-2025-6505 was published Jul 29, 2025
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows... Critical Unreviewed
CVE-2025-45777 was published Jul 25, 2025
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token... Low Unreviewed
CVE-2025-0249 was published Jul 25, 2025
A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows... High Unreviewed
CVE-2024-12310 was published Jul 23, 2025
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows... High Unreviewed
CVE-2025-54452 was published Jul 23, 2025
Insufficient protection against brute-force and runtime manipulation in the local authentication... High Unreviewed
CVE-2025-41459 was published Jul 21, 2025
Due to insufficient verification, an attacker could use a malicious client to bypass... Critical Unreviewed
CVE-2024-6107 was published Jul 21, 2025
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft... Moderate Unreviewed
CVE-2025-53771 was published Jul 21, 2025
A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical.... Moderate Unreviewed
CVE-2025-7897 was published Jul 20, 2025
A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This... Moderate Unreviewed
CVE-2025-7875 was published Jul 20, 2025
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical.... Moderate Unreviewed
CVE-2025-7862 was published Jul 20, 2025
An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass... High Unreviewed
CVE-2025-37106 was published Jul 16, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. High Unreviewed
CVE-2025-37107 was published Jul 16, 2025
An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows... High Unreviewed
CVE-2025-7699 was published Jul 16, 2025
Authentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of... Moderate Unreviewed
CVE-2025-7703 was published Jul 16, 2025
An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions... Critical Unreviewed
CVE-2025-52376 was published Jul 15, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. High Unreviewed
CVE-2024-51767 was published Jul 14, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3,... High Unreviewed
CVE-2025-7574 was published Jul 14, 2025
An authentication issue was addressed with improved state management. This issue is fixed in App... Moderate Unreviewed
CVE-2025-31267 was published Jul 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database