GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,156

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,158 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT allows root access.This issue... High Unreviewed

CVE-2025-7635 was published Sep 9, 2025

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing... Moderate Unreviewed

CVE-2025-10267 was published Sep 12, 2025

A missing authentication vulnerability was reported in some Lenovo printers that could allow a... Moderate Unreviewed

CVE-2025-9214 was published Sep 11, 2025

It is possible to bypass the administrator login screen on SolaX Cloud. An attacker could use... Moderate Unreviewed

CVE-2025-36757 was published Sep 10, 2025

A problem with missing authorization on SolaX Cloud platform allows taking over any SolaX... Moderate Unreviewed

CVE-2025-36756 was published Sep 10, 2025

SecGate3600, a network firewall product developed by NSFOCUS, contains a sensitive information... High Unreviewed

CVE-2023-7308 was published Aug 28, 2025

A code execution security issue exists in the affected product. An attacker with physical access... High Unreviewed

CVE-2025-9160 was published Sep 9, 2025

A security issue exists within FactoryTalk Activation Manager. An error in the implementation of... High Unreviewed

CVE-2025-7970 was published Sep 9, 2025

SAP NetWeaver Application Server Java does not perform an authentication check when an attacker... Moderate Unreviewed

CVE-2025-42926 was published Sep 9, 2025

Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed

CVE-2025-7677 was published Aug 11, 2025

The Cloud SAML SSO plugin for WordPress is vulnerable to Identity Provider Deletion due to a... Moderate Unreviewed

CVE-2025-7045 was published Sep 6, 2025

The Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware before 1.60 IR 04 stores rde... High Unreviewed

CVE-2014-9197 was published May 17, 2022

Phoenix Contact ProConOs and MultiProg do not require authentication, which allows remote... High Unreviewed

CVE-2014-9195 was published May 14, 2022

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated... Critical Unreviewed

CVE-2025-5310 was published Jun 27, 2025

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote... Critical Unreviewed

CVE-2012-10030 was published Aug 5, 2025

Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows... High Unreviewed

CVE-2025-8450 was published Aug 19, 2025

TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same... High Unreviewed

CVE-2020-24363 was published May 24, 2022

TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed

CVE-2025-8861 was published Aug 29, 2025

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were... Critical Unreviewed

CVE-2025-25736 was published Aug 26, 2025

The vulnerability allows unauthenticated users to download a file containing session ID data by... Critical Unreviewed

CVE-2025-30040 was published Aug 27, 2025

Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows... Critical Unreviewed

CVE-2025-30039 was published Aug 27, 2025

The "serverConfig" endpoint, which returns the module configuration including credentials, is... Moderate Unreviewed

CVE-2025-30048 was published Aug 27, 2025

The system exposes several endpoints, typically including "/int/" in their path, that should be... High Unreviewed

CVE-2025-30037 was published Aug 27, 2025

The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat... Critical Unreviewed

CVE-2025-30041 was published Aug 27, 2025

The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause... High Unreviewed

CVE-2025-8627 was published Aug 26, 2025

Previous1…47 Next

Previous 1 2 3 4 5 … 46 47 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,158 advisories