GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,334 advisories
Dragonfly's manager makes requests to external endpoints with disabled TLS authentication
Moderate | CVE-2025-59347 was published for d7y.io/dragonfly/v2 (Go) | Sep 17, 2025
A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper...
Moderate | Unreviewed | CVE-2025-0663 was published | Sep 23, 2025
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains...
Moderate | Unreviewed | CVE-2024-13088 was published | Jun 6, 2025
An improper authentication vulnerability has been reported to affect several QNAP operating...
Moderate | Unreviewed | CVE-2024-48859 was published | Dec 6, 2024
A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability...
Moderate | Unreviewed | CVE-2025-10772 was published | Sep 22, 2025
API Security bypass through header manipulation
Moderate | Unreviewed | CVE-2024-55925 was published | Jan 23, 2025
A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file ...
Moderate | Unreviewed | CVE-2025-10423 was published | Sep 15, 2025
Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods
Moderate | CVE-2025-58065 was published for flask-appbuilder (pip) | Sep 11, 2025
A vulnerability was found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40....
Moderate | Unreviewed | CVE-2025-10288 was published | Sep 12, 2025
Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One 2.0.2...
Moderate | Unreviewed | CVE-2025-10224 was published | Sep 10, 2025
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0...
Moderate | Unreviewed | CVE-2025-52054 was published | Aug 28, 2025
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown...
Moderate | Unreviewed | CVE-2025-9533 was published | Aug 27, 2025
matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content
Moderate | CVE-2024-36402 was published for github.com/t2bot/matrix-media-repo (Go) | Jan 16, 2025
A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects...
Moderate | Unreviewed | CVE-2025-9100 was published | Aug 18, 2025
A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an...
Moderate | Unreviewed | CVE-2025-8964 was published | Aug 14, 2025
A vulnerability has been found in WinterChenS my-site up to...
Moderate | Unreviewed | CVE-2025-8838 was published | Aug 11, 2025
A vulnerability, which was classified as problematic, was found in atjiu pybbs up to 6.0.0. This...
Moderate | Unreviewed | CVE-2025-8546 was published | Aug 5, 2025
A vulnerability has been found in Kehua Charging Pile Cloud Platform 1.0 and classified as...
Moderate | Unreviewed | CVE-2025-8348 was published | Jul 31, 2025
Keycloak vulnerable to two factor authentication bypass
Moderate | CVE-2025-3910 was published for org.keycloak:keycloak-services (Maven) | Apr 30, 2025
A vulnerability in Cisco DNA Center software could allow an unauthenticated remote attacker...
Moderate | Unreviewed | CVE-2020-3411 was published | May 24, 2022
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft...
Moderate | Unreviewed | CVE-2025-53771 was published | Jul 21, 2025
A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This...
Moderate | Unreviewed | CVE-2025-7875 was published | Jul 20, 2025
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical....
Moderate | Unreviewed | CVE-2025-7862 was published | Jul 20, 2025
A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4...
Moderate | Unreviewed | CVE-2025-7095 was published | Jul 7, 2025
Authentication vulnerability in the mobile application (tech.palm.id) may lead to the risk of...
Moderate | Unreviewed | CVE-2025-7703 was published | Jul 16, 2025