GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,904
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,504
Maven 5,949
npm 4,149
NuGet 735
pip 3,949
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,783

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

189 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to... Moderate Unreviewed

CVE-2025-56689 was published Sep 8, 2025

In multiple locations, there is a possible lock screen bypass due to a logic error in the code.... Moderate Unreviewed

CVE-2025-26421 was published Sep 4, 2025

The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest... Moderate Unreviewed

CVE-2025-56608 was published Sep 3, 2025

An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an... Moderate Unreviewed

CVE-2025-50454 was published Aug 5, 2025

CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to... Moderate Unreviewed

CVE-2025-46018 was published Aug 1, 2025

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed

CVE-2025-34065 was published Jul 1, 2025

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed

CVE-2025-34053 was published Jul 1, 2025

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using... Moderate Unreviewed

CVE-2025-23168 was published Jun 19, 2025

Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed

CVE-2025-5067 was published May 27, 2025

The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed

CVE-2025-48027 was published May 15, 2025

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed

CVE-2025-3909 was published May 14, 2025

Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed

CVE-2025-27695 was published May 8, 2025

An app could impersonate system notifications. Sensitive notifications now require restricted... Moderate Unreviewed

CVE-2025-24091 was published Apr 30, 2025

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system... Moderate Unreviewed

CVE-2023-5616 was published Apr 15, 2025

Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing.... Moderate Unreviewed

CVE-2025-32275 was published Apr 10, 2025

Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing... Moderate Unreviewed

CVE-2025-32227 was published Apr 10, 2025

On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's... Moderate Unreviewed

CVE-2025-30110 was published Mar 18, 2025

The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP... Moderate Unreviewed

CVE-2024-13685 was published Mar 4, 2025

The application or its infrastructure allows for IP address spoofing by providing its own value... Moderate Unreviewed

CVE-2025-22271 was published Feb 28, 2025

Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The... Moderate Unreviewed

CVE-2020-6158 was published Feb 21, 2025

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software... Moderate Unreviewed

CVE-2023-51327 was published Feb 20, 2025

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Shared Asset Booking... Moderate Unreviewed

CVE-2023-51323 was published Feb 20, 2025

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software... Moderate Unreviewed

CVE-2023-51326 was published Feb 20, 2025

A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking... Moderate Unreviewed

CVE-2023-51321 was published Feb 20, 2025

Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4... Moderate Unreviewed

CVE-2025-25055 was published Feb 18, 2025

Previous1…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

189 advisories