Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

989 advisories

Loading
Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-34523 was published May 24, 2022
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication... Critical Unreviewed
CVE-2018-10561 was published May 14, 2022
SKYSEA Client View Ver.11.221.03 and earlier allows remote code execution via a flaw in... Critical Unreviewed
CVE-2016-7836 was published May 17, 2022
Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that... Critical Unreviewed
CVE-2025-11625 was published Oct 21, 2025
PrestaShop Checkout allows customer account takeover via email Critical
CVE-2025-61922 was published for prestashop/ps_checkout (Composer) Oct 16, 2025
iNem0o
Credited to iNem0o
The HEIDENHAIN Controller TNC 640, version 340590 07 SP5, running HEROS 5.08.3 controlling the... Critical Unreviewed
CVE-2022-41648 was published Oct 28, 2022
A broken authorization vulnerability in Kiloview NDI N30 allows a remote unauthenticated attacker... Critical Unreviewed
CVE-2025-9265 was published Oct 13, 2025
Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows... Critical Unreviewed
CVE-2024-42462 was published Aug 16, 2024
Incorrect authentication vulnerability in OpenSIAC, which could allow an attacker to impersonate... Critical Unreviewed
CVE-2025-41064 was published Oct 2, 2025
A vulnerability in the Ruijie RG-ES series switch firmware ESW_1.0(1)B1P39 enables remote... Critical Unreviewed
CVE-2025-56752 was published Sep 29, 2025
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application... Critical Unreviewed
CVE-2024-36266 was published Jun 11, 2024
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34027 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34026 was published May 22, 2025
XML Processing error in github.com/crewjam/saml Critical
CVE-2020-27846 was published for github.com/crewjam/saml (Go) Jun 23, 2021
Azure Entra Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55241 was published Sep 5, 2025
Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0... Critical Unreviewed
CVE-2025-45583 was published Sep 12, 2025
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed
CVE-2025-10365 was published Sep 12, 2025
Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1... Critical Unreviewed
CVE-2023-21467 was published Sep 8, 2025
A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing... Critical Unreviewed
CVE-2024-12603 was published Dec 13, 2024
Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of... Critical Unreviewed
CVE-2025-1298 was published Feb 14, 2025
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed
CVE-2025-7955 was published Aug 28, 2025
zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can... Critical Unreviewed
CVE-2024-50644 was published Aug 22, 2025
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this... Critical Unreviewed
CVE-2024-50645 was published Aug 22, 2025
An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-52395 was published Aug 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database