Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,421 advisories

Loading
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code... High Unreviewed
CVE-2025-3935 was published Apr 25, 2025
The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed
CVE-2024-11917 was published Apr 25, 2025
BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2025-2771 was published Apr 23, 2025
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass... Critical Unreviewed
CVE-2023-44752 was published Apr 22, 2025
A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue... Moderate Unreviewed
CVE-2025-3850 was published Apr 22, 2025
Vulnerability in Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM).This issue... High Unreviewed
CVE-2025-27086 was published Apr 21, 2025
Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that... Moderate Unreviewed
CVE-2025-30733 was published Apr 15, 2025
An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass... Moderate Unreviewed
CVE-2024-44843 was published Apr 15, 2025
In JotUrl 2.0, is possible to bypass security requirements during the password change process. Moderate Unreviewed
CVE-2025-24949 was published Apr 15, 2025
In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability... Moderate Unreviewed
CVE-2025-2572 was published Apr 14, 2025
Spring Cloud Config Server may not use Vault token sent by clients using a X-CONFIG-TOKEN header... Moderate Unreviewed
CVE-2025-22232 was published Apr 10, 2025
An authentication bypass vulnerability was found in Videx's CyberAudit-Web. Through the... Critical Unreviewed
CVE-2025-22375 was published Apr 10, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper... High Unreviewed
CVE-2025-30287 was published Apr 8, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper... Critical Unreviewed
CVE-2025-30282 was published Apr 8, 2025
A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical.... Moderate Unreviewed
CVE-2025-3268 was published Apr 4, 2025
Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*. Moderate Unreviewed
CVE-2025-3061 was published Apr 1, 2025
Vulnerability in Drupal Drupal Admin LTE theme.This issue affects Drupal Admin LTE theme: *.*. Moderate Unreviewed
CVE-2025-3062 was published Apr 1, 2025
A logic issue was addressed with improved state management. This issue is fixed in visionOS 2.4,... Moderate Unreviewed
CVE-2025-30432 was published Apr 1, 2025
This issue was addressed through improved state management. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30430 was published Apr 1, 2025
Vulnerability in Hewlett Packard Enterprise HPE Insight Cluster Management Utility (CMU).This... Critical Unreviewed
CVE-2024-13804 was published Mar 31, 2025
An attacker with access to the network where the vulnerable device is located could capture... Moderate Unreviewed
CVE-2025-2859 was published Mar 28, 2025
CrushFTP versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0 are affected by a vulnerability... Critical Unreviewed
CVE-2025-2825 was published Mar 26, 2025
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the... Critical Unreviewed
CVE-2025-2746 was published Mar 24, 2025
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the... Critical Unreviewed
CVE-2025-2747 was published Mar 24, 2025
Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker... High Unreviewed
CVE-2024-57490 was published Mar 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database