Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,894 advisories

Loading
Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods Moderate
CVE-2025-58065 was published for flask-appbuilder (pip) Sep 11, 2025
WebSocket endpoint `/api/v2/ws/logs` reachable without authentication even when --auth is enabled High
CVE-2025-54376 was published for github.com/SpectoLabs/hoverfly (Go) Sep 10, 2025
Kr1shna4garwal
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed
CVE-2025-10365 was published Sep 12, 2025
A vulnerability was found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40.... Moderate Unreviewed
CVE-2025-10288 was published Sep 12, 2025
The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an... Critical Unreviewed
CVE-2025-9994 was published Sep 9, 2025
Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One 2.0.2... Moderate Unreviewed
CVE-2025-10224 was published Sep 10, 2025
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over... High Unreviewed
CVE-2025-54918 was published Sep 9, 2025
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who... High Unreviewed
CVE-2025-55234 was published Sep 9, 2025
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication... Critical Unreviewed
CVE-2024-8956 was published Sep 17, 2024
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023... Low Unreviewed
CVE-2023-21466 was published Sep 8, 2025
Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1... Critical Unreviewed
CVE-2023-21467 was published Sep 8, 2025
Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM... High Unreviewed
CVE-2025-41450 was published May 8, 2025
Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows... Low Unreviewed
CVE-2023-21471 was published Sep 5, 2025
A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing... Critical Unreviewed
CVE-2024-12603 was published Dec 13, 2024
Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of... Critical Unreviewed
CVE-2025-1298 was published Feb 14, 2025
Azure Entra Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55241 was published Sep 5, 2025
In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP... High Unreviewed
CVE-2025-26438 was published Sep 4, 2025
A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element... High Unreviewed
CVE-2025-9815 was published Sep 2, 2025
Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows... High Unreviewed
CVE-2024-43685 was published Oct 4, 2024
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0... Moderate Unreviewed
CVE-2025-52054 was published Aug 28, 2025
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed
CVE-2025-7955 was published Aug 28, 2025
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown... Moderate Unreviewed
CVE-2025-9533 was published Aug 27, 2025
zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can... Critical Unreviewed
CVE-2024-50644 was published Aug 22, 2025
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this... Critical Unreviewed
CVE-2024-50645 was published Aug 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database