GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
476 advisories
Blackmagic Web Presenter version 3.3 exposes a Telnet service on port 9977 that accepts...
Critical | Unreviewed | CVE-2025-57432 was published Sep 22, 2025

General Bytes Crypto Application Server (CAS) beginning with version 20201208 prior to 20220531...
Critical | Unreviewed | CVE-2022-4980 was published Sep 19, 2025

A remote code execution vulnerability in GFI Kerio Control 9.4.5 allows attackers with...
Critical | Unreviewed | CVE-2025-34071 was published Jul 2, 2025

An authentication bypass vulnerability exists in GFI Kerio Control 9.4.5 due to insecure default...
Critical | Unreviewed | CVE-2025-34069 was published Jul 2, 2025

A missing authentication vulnerability in the GFIAgent component of GFI Kerio Control 9.4.5...
Critical | Unreviewed | CVE-2025-34070 was published Jul 2, 2025

Certain models of Industrial Cellular Gateway developed by Planet Technology have a Missing...
Critical | Unreviewed | CVE-2025-9971 was published Sep 17, 2025

Flowise Cloud and Local Deployments have Unauthenticated Password Reset Token Disclosure that Leads to Account Takeover
Critical | CVE-2025-58434 was published for flowise (npm) Sep 12, 2025

Statistical Database System developed by Gotac has a Missing Authentication vulnerability,...
Critical | Unreviewed | CVE-2025-10452 was published Sep 15, 2025

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated...
Critical | Unreviewed | CVE-2025-5310 was published Jun 27, 2025

FreeFloat FTP Server contains multiple critical design flaws that allow unauthenticated remote...
Critical | Unreviewed | CVE-2012-10030 was published Aug 5, 2025

TSA developed by Changing has a Missing Authentication vulnerability, allowing unauthenticated...
Critical | Unreviewed | CVE-2025-8861 was published Aug 29, 2025

Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and v4.6.0.1211.28 were...
Critical | Unreviewed | CVE-2025-25736 was published Aug 26, 2025

The vulnerability allows unauthenticated users to download a file containing session ID data by...
Critical | Unreviewed | CVE-2025-30040 was published Aug 27, 2025

Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows...
Critical | Unreviewed | CVE-2025-30039 was published Aug 27, 2025

The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat...
Critical | Unreviewed | CVE-2025-30041 was published Aug 27, 2025

An authentication bypass vulnerability exists which allows an unauthenticated attacker to control...
Critical | Unreviewed | CVE-2025-53118 was published Aug 26, 2025

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated...
Critical | Unreviewed | CVE-2025-9254 was published Aug 22, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator...
Critical | Unreviewed | CVE-2025-8995 was published Aug 15, 2025

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro...
Critical | Unreviewed | CVE-2025-27214 was published Aug 21, 2025

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution...
Critical | Unreviewed | CVE-2025-8610 was published Aug 20, 2025

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution...
Critical | Unreviewed | CVE-2025-8611 was published Aug 20, 2025

Flowise OS command remote code execution
Critical | CVE-2025-8943 was published for flowise (npm) Aug 14, 2025

KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control...
Critical | Unreviewed | CVE-2025-43983 was published Aug 14, 2025

Burk Technology ARC Solo's password change mechanism can be utilized without proper ...
Critical | Unreviewed | CVE-2025-5095 was published Aug 8, 2025

By default, the Packet Power Monitoring and Control Web Interface do not enforce authentication...
Critical | Unreviewed | CVE-2025-8284 was published Aug 8, 2025