Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,968 advisories

Loading
Apache ActiveMQ Deserialization of Untrusted Data vulnerability High
CVE-2022-41678 was published for org.apache.activemq:apache-activemq (Maven) Nov 28, 2023
sunSUNQ
Credited to sunSUNQ
This issue was addressed through improved state management. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30430 was published Apr 1, 2025
A logic issue was addressed with improved state management. This issue is fixed in visionOS 2.4,... Moderate Unreviewed
CVE-2025-30432 was published Apr 1, 2025
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed
CVE-2023-40660 was published Nov 6, 2023
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker... High Unreviewed
CVE-2020-4427 was published May 24, 2022
Improper authentication vulnerability in Novakon P series allows unauthenticated attackers to... Critical Unreviewed
CVE-2025-9965 was published Sep 23, 2025
Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension... High Unreviewed
CVE-2025-6926 was published Jul 3, 2025
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2... Critical Unreviewed
CVE-2025-32975 was published Jun 26, 2025
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local... High Unreviewed
CVE-2025-0217 was published May 5, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26... High Unreviewed
CVE-2025-31271 was published Sep 16, 2025
The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an... Critical Unreviewed
CVE-2025-9994 was published Sep 9, 2025
The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS... Moderate Unreviewed
CVE-2025-31228 was published May 13, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368... Critical Unreviewed
CVE-2025-27641 was published Mar 5, 2025
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local... High Unreviewed
CVE-2023-23632 was published Oct 12, 2023
A vulnerability was found in libssh, where the authentication check of the connecting client can... Moderate Unreviewed
CVE-2023-2283 was published May 26, 2023
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the... Moderate Unreviewed
CVE-2021-3979 was published Aug 26, 2022
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the... High Unreviewed
CVE-2022-0996 was published Mar 24, 2022
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication... Critical Unreviewed
CVE-2022-0547 was published Mar 19, 2022
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password... Moderate Unreviewed
CVE-2023-4641 was published Dec 27, 2023
A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either... Critical Unreviewed
CVE-2021-3652 was published Apr 19, 2022
The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an... Critical Unreviewed
CVE-2025-41108 was published Oct 22, 2025
A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Moderate Unreviewed
CVE-2025-11633 was published Oct 12, 2025
Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This... High Unreviewed
CVE-2025-41110 was published Oct 22, 2025
FastMCP Auth Integration Allows for Confused Deputy Account Takeover High
GHSA-c2jp-c369-7pvx was published for fastmcp (pip) Oct 29, 2025
localden
Credited to localden
An authentication bypass security issue exists within FactoryTalk View Machine Edition Web... High Unreviewed
CVE-2025-9063 was published Oct 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database