GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
970 advisories
An issue was discovered in Simmeth Lieferantenmanager before 5.6. An attacker can make various...
Critical | Unreviewed | CVE-2022-44013 was published Dec 25, 2022

Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an...
Critical | Unreviewed | CVE-2020-11101 was published Dec 26, 2022

TYPO3 vulnerable to authentication bypass via leveraging knowledge of password hash
Critical | CVE-2014-3945 was published for typo3/cms (Composer) May 17, 2022

Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be...
Critical | Unreviewed | CVE-2016-9796 was published May 17, 2022

J-Web in Juniper Junos OS before 12.1X46-D45, 12.1X46-D50, 12.1X47 before 12.1X47-D35, 12.3...
Critical | Unreviewed | CVE-2016-1279 was published May 17, 2022

StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to...
Critical | Unreviewed | CVE-2022-4779 was published Dec 29, 2022

An authentication bypass vulnerability was found in Videx's CyberAudit-Web. Through the...
Critical | Unreviewed | CVE-2025-22375 was published Apr 10, 2025

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper...
Critical | Unreviewed | CVE-2025-30282 was published Apr 8, 2025

TP-Link SG105PE firmware prior to 'TL-SG105PE(UN) 1.0_1.0.0 Build 20221208' contains an...
Critical | Unreviewed | CVE-2023-22303 was published Jan 17, 2023

CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability...
Critical | Unreviewed | CVE-2025-2825 was published Mar 26, 2025

ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect Access Control. An attacker can...
Critical | Unreviewed | CVE-2021-43445 was published Jan 23, 2023

An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify,...
Critical | Unreviewed | CVE-2023-49105 was published Nov 22, 2023

This issue was addressed through improved state management. This issue is fixed in visionOS 2.4,...
Critical | Unreviewed | CVE-2025-30430 was published Apr 1, 2025

This vulnerability allows remote attackers to reset the password of anonymous users without...
Critical | Unreviewed | CVE-2024-2862 was published Mar 25, 2024

Vulnerability in Hewlett Packard Enterprise HPE Insight Cluster Management Utility (CMU). This...
Critical | Unreviewed | CVE-2024-13804 was published Mar 31, 2025

An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass...
Critical | Unreviewed | CVE-2022-48066 was published Jan 27, 2023

A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to...
Critical | Unreviewed | CVE-2022-47003 was published Feb 1, 2023

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the...
Critical | Unreviewed | CVE-2025-2746 was published Mar 24, 2025

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the...
Critical | Unreviewed | CVE-2025-2747 was published Mar 24, 2025

An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Bypassing of Device...
Critical | Unreviewed | CVE-2025-30114 was published Mar 18, 2025

Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST requests to the /Forms/...
Critical | Unreviewed | CVE-2019-16261 was published May 24, 2022

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote...
Critical | Unreviewed | CVE-2020-10148 was published May 24, 2022

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and...
Critical | Unreviewed | CVE-2022-41545 was published Feb 18, 2025

Focus was incorrectly allowing internal links to utilize the app scheme used for deeplinking,...
Critical | Unreviewed | CVE-2024-10474 was published Oct 29, 2024

macrozheng mall-tiny 1.0.1 suffers from Insecure Permissions. The application's JWT signing keys...
Critical | Unreviewed | CVE-2024-57432 was published Jan 31, 2025

ProTip! Advisories are also available from the GraphQL API.