GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,516 advisories
The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all...
High · Unreviewed · CVE-2024-11917 was published Apr 25, 2025
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code...
High · Unreviewed · CVE-2025-3935 was published Apr 25, 2025
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local...
High · Unreviewed · CVE-2025-0217 was published May 5, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper...
High · Unreviewed · CVE-2025-22477 was published May 6, 2025
Passport-wsfed-saml2 allows SAML Authentication Bypass via Attribute Smuggling
High · CVE-2025-46573 was published for passport-wsfed-saml2 (npm) May 6, 2025
Improper Authentication vulnerability in Danfoss AKSM8xxA Series. This issue affects Danfoss AK-SM...
High · Unreviewed · CVE-2025-41450 was published May 8, 2025
Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged...
High · Unreviewed · CVE-2025-20083 was published May 13, 2025
Jenkins WSO2 Oauth Plugin Fails to Properly Authenticate User Credentials
High · CVE-2025-47889 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 14, 2025
Bypass vulnerability in the device management channel
Impact: Successful exploitation of this...
High · Unreviewed · CVE-2025-48909 was published Jun 6, 2025
Erxes Incorrect Access Control vulnerability
High · CVE-2024-57190 was published for erxes (npm) Jun 10, 2025
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration
High · CVE-2025-49146 was published for org.postgresql:postgresql (Maven) Jun 11, 2025
Salt has minion event bus authorization bypass vulnerability
High · CVE-2025-22236 was published for salt (pip) Jun 13, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no...
High · Unreviewed · CVE-2025-32879 was published Jun 20, 2025
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper...
High · Unreviewed · CVE-2025-49851 was published Jun 24, 2025
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a...
High · Unreviewed · CVE-2024-6174 was published Jun 26, 2025
A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511,...
High · Unreviewed · CVE-2025-6763 was published Jun 27, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015...
High · Unreviewed · CVE-2025-6916 was published Jun 30, 2025
Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension...
High · Unreviewed · CVE-2025-6926 was published Jul 3, 2025
Vulnerability of bypassing the process to start SA and use related functions on distributed...
High · Unreviewed · CVE-2025-53169 was published Jul 7, 2025
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP...
High · Unreviewed · CVE-2025-49812 was published Jul 10, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3,...
High · Unreviewed · CVE-2025-7574 was published Jul 14, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.
High · Unreviewed · CVE-2024-51767 was published Jul 14, 2025
An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows...
High · Unreviewed · CVE-2025-7699 was published Jul 16, 2025
An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass...
High · Unreviewed · CVE-2025-37106 was published Jul 16, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.
High · Unreviewed · CVE-2025-37107 was published Jul 16, 2025