Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,161 advisories

Loading
Missing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac... High Unreviewed
CVE-2025-29870 was published Apr 9, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web... High Unreviewed
CVE-2024-41793 was published Apr 8, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web... Moderate Unreviewed
CVE-2024-41791 was published Apr 8, 2025
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to... Moderate Unreviewed
CVE-2025-32357 was published Apr 5, 2025
HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential... Moderate Unreviewed
CVE-2025-0257 was published Apr 3, 2025
Missing authentication for critical function vulnerability exists in AssetView and AssetView... High Unreviewed
CVE-2025-25060 was published Apr 2, 2025
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to privilege... Critical Unreviewed
CVE-2024-13553 was published Apr 1, 2025
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 /... Moderate Unreviewed
CVE-2024-56469 was published Mar 27, 2025
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is... Moderate Unreviewed
CVE-2024-45355 was published Mar 27, 2025
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is... High Unreviewed
CVE-2024-45356 was published Mar 27, 2025
A Missing Authentication for Critical Function vulnerability in the GRUB configuration used B&R... High Unreviewed
CVE-2024-45483 was published Mar 25, 2025
HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information... Moderate Unreviewed
CVE-2025-0256 was published Mar 24, 2025
In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server... Critical Unreviewed
CVE-2024-8196 was published Mar 20, 2025
Missing authentication for critical function vulnerability in the webapi component in Synology... High Unreviewed
CVE-2024-50630 was published Mar 19, 2025
On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam... High Unreviewed
CVE-2025-30111 was published Mar 18, 2025
An unauthenticated remote attacker can gain access to the cloud API due to a lack of... Critical Unreviewed
CVE-2024-23943 was published Mar 18, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13772 was published Mar 14, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Critical Unreviewed
CVE-2024-13771 was published Mar 14, 2025
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8),... Moderate Unreviewed
CVE-2024-52285 was published Mar 11, 2025
SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular... Moderate Unreviewed
CVE-2025-23194 was published Mar 11, 2025
Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup... High Unreviewed
CVE-2025-27256 was published Mar 10, 2025
The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in... Critical Unreviewed
CVE-2025-1315 was published Mar 7, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to privilege... High Unreviewed
CVE-2024-9658 was published Mar 7, 2025
Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular... High Unreviewed
CVE-2024-31525 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed
CVE-2025-27642 was published Mar 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database