Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

189 advisories

Loading
One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to... Moderate Unreviewed
CVE-2025-56689 was published Sep 8, 2025
The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest... Moderate Unreviewed
CVE-2025-56608 was published Sep 3, 2025
In multiple locations, there is a possible lock screen bypass due to a logic error in the code.... Moderate Unreviewed
CVE-2025-26421 was published Sep 4, 2025
An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an... Moderate Unreviewed
CVE-2025-50454 was published Aug 5, 2025
CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to... Moderate Unreviewed
CVE-2025-46018 was published Aug 1, 2025
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed
CVE-2025-34065 was published Jul 1, 2025
An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed
CVE-2025-34053 was published Jul 1, 2025
The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using... Moderate Unreviewed
CVE-2025-23168 was published Jun 19, 2025
This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 17... Moderate Unreviewed
CVE-2023-41069 was published Jan 11, 2024
Floodlight SDN Open Flow Controller v.1.2 has an issue that allows local hosts to build fake LLDP... Moderate Unreviewed
CVE-2024-51406 was published Nov 1, 2024
An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43304 was published Dec 7, 2023
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed
CVE-2025-5067 was published May 27, 2025
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed
CVE-2025-1104 was published Feb 7, 2025
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed... Moderate Unreviewed
CVE-2021-27853 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations... Moderate Unreviewed
CVE-2021-27854 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27861 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27862 was published Sep 28, 2022
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed
CVE-2025-3909 was published May 14, 2025
The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed
CVE-2025-48027 was published May 15, 2025
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP... Moderate Unreviewed
CVE-2024-13685 was published Mar 4, 2025
Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed
CVE-2025-27695 was published May 8, 2025
An app could impersonate system notifications. Sensitive notifications now require restricted... Moderate Unreviewed
CVE-2025-24091 was published Apr 30, 2025
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone... Moderate Unreviewed
CVE-2022-44636 was published Dec 13, 2022
When exiting fullscreen mode, an iframe could have confused the browser about the current state... Moderate Unreviewed
CVE-2022-31738 was published Dec 22, 2022
In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system... Moderate Unreviewed
CVE-2023-5616 was published Apr 15, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database