Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,244 advisories

Loading
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26366 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed
CVE-2025-26359 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26362 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26363 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... Critical Unreviewed
CVE-2025-26361 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26364 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in... Moderate Unreviewed
CVE-2025-26360 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26365 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free... Critical Unreviewed
CVE-2025-26345 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/guest-mode/routes.lua in Q... Critical Unreviewed
CVE-2025-26344 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free... Critical Unreviewed
CVE-2025-26347 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed
CVE-2025-26342 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxtime/handleRoute.lua in Q-Free... Critical Unreviewed
CVE-2025-26339 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed
CVE-2025-26341 was published Feb 12, 2025
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... High Unreviewed
CVE-2025-24472 was published Feb 11, 2025
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability Critical Unreviewed
CVE-2025-21198 was published Feb 11, 2025
wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability... Moderate Unreviewed
CVE-2024-10649 was published Feb 10, 2025
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0... Moderate Unreviewed
CVE-2024-54176 was published Feb 8, 2025
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Critical Unreviewed
CVE-2024-36555 was published Feb 6, 2025
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2024-9644 was published Feb 4, 2025
A file handling command vulnerability in certain versions of Armoury Crate may result in... High Unreviewed
CVE-2024-12957 was published Jan 23, 2025
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed
CVE-2024-12857 was published Jan 22, 2025
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported... Moderate Unreviewed
CVE-2025-21559 was published Jan 21, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... Critical Unreviewed
CVE-2025-21535 was published Jan 21, 2025
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component:... Critical Unreviewed
CVE-2025-21524 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database