GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
501 advisories
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253...
Critical · Unreviewed · CVE-2025-27647 was published Mar 5, 2025

The CE21 Suite plugin for WordPress is vulnerable to unauthorized plugin settings update due to a...
Critical · Unreviewed · CVE-2025-11007 was published Nov 4, 2025

Radiometrics VizAir is vulnerable to any remote attacker via access to the admin panel of the...
Critical · Unreviewed · CVE-2025-61945 was published Nov 4, 2025

Radiometrics VizAir is vulnerable to a lack of authentication mechanisms for critical functions,...
Critical · Unreviewed · CVE-2025-61956 was published Nov 4, 2025

The Survision LPR Camera system does not enforce password protection by default. This allows...
Critical · Unreviewed · CVE-2025-12108 was published Nov 4, 2025

The Control-M/Agent is vulnerable to unauthenticated remote code execution, arbitrary file read...
Critical · Unreviewed · CVE-2025-55108 was published Nov 5, 2025

A vulnerability in the Contact Center Express (CCX) Editor application of Cisco Unified CCX could...
Critical · Unreviewed · CVE-2025-20358 was published Nov 5, 2025

Resource Lacking AuthN. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical · Unreviewed · CVE-2025-12476 was published Oct 29, 2025

Server Version Disclosure. This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.
Critical · Unreviewed · CVE-2025-12477 was published Oct 29, 2025

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Critical · Unreviewed · CVE-2022-30230 was published Jun 15, 2022

An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e...
Critical · Unreviewed · CVE-2025-34068 was published Jul 15, 2025

General Industrial Controls Lynx+ Gateway is missing critical authentication in the embedded...
Critical · Unreviewed · CVE-2025-58083 was published Nov 15, 2025

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of...
Critical · Unreviewed · CVE-2025-34039 was published Jun 26, 2025

A missing authentication enforcement vulnerability exists in the mutual TLS (mTLS) implementation...
Critical · Unreviewed · CVE-2025-9312 was published Nov 18, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A...
Critical · Unreviewed · CVE-2024-12847 was published Jan 10, 2025

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface,...
Critical · Unreviewed · CVE-2025-63206 was published Nov 19, 2025

Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: REST...
Critical · Unreviewed · CVE-2025-61757 was published Oct 21, 2025

The Iskra iHUB and iHUB Lite smart metering gateway exposes its web management interface without...
Critical · Unreviewed · CVE-2025-13510 was published Dec 2, 2025

Step CA Has Authorization Bypass in ACME and SCEP Provisioners
Critical · CVE-2025-44005 was published for github.com/smallstep/certificates (Go) Dec 3, 2025

Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user...
Critical · Unreviewed · CVE-2025-59695 was published Dec 2, 2025

Improper configuration of the SSH service in Infinera MTC-9 allows an unauthenticated attacker to...
Critical · Unreviewed · CVE-2025-27020 was published Dec 8, 2025

Remote shell service (RSH) in Infinera MTC-9 version R22.1.1.0275 allows an attacker to utilize...
Critical · Unreviewed · CVE-2025-27019 was published Dec 8, 2025

Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard)...
Critical · Unreviewed · CVE-2025-34414 was published Dec 9, 2025

MiniDVBLinux 5.4 contains an authentication bypass vulnerability that allows remote attackers to...
Critical · Unreviewed · CVE-2023-53771 was published Dec 9, 2025

Selea Targa IP OCR-ANPR Camera contains a hard-coded developer password vulnerability that allows...
Critical · Unreviewed · CVE-2021-47731 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API.