GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 36
GitHub Actions: 36
Go: 2,493
Maven: 5,000+
npm: 4,126
NuGet: 735
pip: 3,943
Pub: 12
RubyGems: 945
Rust: 1,021
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,333 advisories
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over...
High | Unreviewed | CVE-2025-54918 was published Sep 9, 2025
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who...
High | Unreviewed | CVE-2025-55234 was published Sep 9, 2025
In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP...
High | Unreviewed | CVE-2025-26438 was published Sep 4, 2025
A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element...
High | Unreviewed | CVE-2025-9815 was published Sep 2, 2025
An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker...
High | Unreviewed | CVE-2024-50641 was published Aug 21, 2025
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit...
High | Unreviewed | CVE-2024-57491 was published Aug 20, 2025
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over...
High | Unreviewed | CVE-2025-53778 was published Aug 12, 2025
On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments...
High | Unreviewed | CVE-2025-53786 was published Aug 6, 2025
Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress...
High | Unreviewed | CVE-2025-6505 was published Jul 29, 2025
A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows...
High | Unreviewed | CVE-2024-12310 was published Jul 23, 2025
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows...
High | Unreviewed | CVE-2025-54452 was published Jul 23, 2025
Insufficient protection against brute-force and runtime manipulation in the local authentication...
High | Unreviewed | CVE-2025-41459 was published Jul 21, 2025
An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass...
High | Unreviewed | CVE-2025-37106 was published Jul 16, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18.
High | Unreviewed | CVE-2025-37107 was published Jul 16, 2025
An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows...
High | Unreviewed | CVE-2025-7699 was published Jul 16, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17.
High | Unreviewed | CVE-2024-51767 was published Jul 14, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3,...
High | Unreviewed | CVE-2025-7574 was published Jul 14, 2025
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP...
High | Unreviewed | CVE-2025-49812 was published Jul 10, 2025
Vulnerability of bypassing the process to start SA and use related functions on distributed...
High | Unreviewed | CVE-2025-53169 was published Jul 7, 2025
Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension...
High | Unreviewed | CVE-2025-6926 was published Jul 3, 2025
A vulnerability, which was classified as critical, was found in TOTOLINK T6 4.1.5cu.748_B20211015...
High | Unreviewed | CVE-2025-6916 was published Jun 30, 2025
A vulnerability classified as critical was found in Comet System T0510, T3510, T3511, T4511,...
High | Unreviewed | CVE-2025-6763 was published Jun 27, 2025
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a...
High | Unreviewed | CVE-2024-6174 was published Jun 26, 2025
ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnerable to an Improper...
High | Unreviewed | CVE-2025-49851 was published Jun 24, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. It starts advertising if no...
High | Unreviewed | CVE-2025-32879 was published Jun 20, 2025
ProTip! Advisories are also available from the GraphQL API.