Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,894 advisories

Loading
Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows... Critical Unreviewed
CVE-2025-5597 was published Jun 4, 2025
The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed
CVE-2021-42949 was published Sep 17, 2022
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1... Moderate Unreviewed
CVE-2025-5512 was published Jun 3, 2025
The location module has a vulnerability of bypassing permission verification.Successful... Critical Unreviewed
CVE-2022-39007 was published Sep 17, 2022
The WLAN module has a vulnerability in permission verification. Successful exploitation of this... Critical Unreviewed
CVE-2022-39009 was published Sep 17, 2022
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical.... Moderate Unreviewed
CVE-2025-5495 was published Jun 3, 2025
An authentication bypass vulnerability exists in HPE StoreOnce Software. Critical Unreviewed
CVE-2025-37093 was published Jun 2, 2025
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected... Moderate Unreviewed
CVE-2025-5437 was published Jun 2, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2025-31264 was published May 30, 2025
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11... Moderate Unreviewed
CVE-2025-48746 was published May 28, 2025
In GFOS Workforce Management 4.8.272.1, the login page of application is prone to authentication... High Unreviewed
CVE-2021-38618 was published May 24, 2022
An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses... High Unreviewed
CVE-2022-34908 was published Feb 27, 2023
An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-0605 was published May 22, 2025
The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for... Critical Unreviewed
CVE-2022-28321 was published Sep 20, 2022
TeslaMate before 1.25.1 (when using the default Docker configuration) allows attackers to open... Critical Unreviewed
CVE-2022-23126 was published Jan 25, 2022
Rancher does not Properly Validate Account Bindings in SAML Authentication Enables User Impersonation on First Login High
CVE-2025-23389 was published for github.com/rancher/rancher (Go) Feb 27, 2025
AnonySE26
A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This... Moderate Unreviewed
CVE-2025-5247 was published May 27, 2025
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-5149 was published May 25, 2025
An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41198 was published May 22, 2025
An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41197 was published May 22, 2025
An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass... Critical Unreviewed
CVE-2024-41195 was published May 22, 2025
An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows attackers to bypass... Critical Unreviewed
CVE-2024-41196 was published May 22, 2025
In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3... Moderate Unreviewed
CVE-2019-13531 was published May 24, 2022
In Medtronic MinMed 508 and Medtronic Minimed Paradigm Insulin Pumps, Versions, MiniMed 508 pump ... High Unreviewed
CVE-2019-10964 was published May 24, 2022
Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the... High Unreviewed
CVE-2020-25183 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database