GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,776
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,124
npm 4,308
NuGet 760
pip 4,081
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,313

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,334 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0 and lower and version 2.0.3... Moderate Unreviewed

CVE-2019-13531 was published May 24, 2022

An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed

CVE-2024-7487 was published May 22, 2025

An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded... Moderate Unreviewed

CVE-2025-32815 was published May 22, 2025

Medtronic MMT 508 MiniMed insulin pump, 522 / MMT - 722 Paradigm REAL-TIME, 523 / MMT - 723... Moderate Unreviewed

CVE-2018-14781 was published May 13, 2022

A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed

CVE-2025-1104 was published Feb 7, 2025

Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that... Moderate Unreviewed

CVE-2025-30733 was published Apr 15, 2025

HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys,... Moderate Unreviewed

CVE-2024-42172 was published Jan 11, 2025

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as... Moderate Unreviewed

CVE-2025-4755 was published May 16, 2025

Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-26685 was published May 13, 2025

A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected... Moderate Unreviewed

CVE-2025-4494 was published May 10, 2025

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... Moderate Unreviewed

CVE-2025-4268 was published May 5, 2025

A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7... Moderate Unreviewed

CVE-2022-32935 was published Nov 2, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS... Moderate Unreviewed

CVE-2022-32928 was published Nov 2, 2022

Bypass vulnerability in the network search instruction authentication module Impact: Successful... Moderate Unreviewed

CVE-2025-46590 was published May 6, 2025

Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed

CVE-2025-46630 was published May 2, 2025

Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed

CVE-2025-46631 was published May 2, 2025

@cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate

CVE-2025-4144 was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025

Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate

GHSA-vh4h-fvqf-q9wv was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025 • withdrawn

Duplicate Advisory: Keycloak vulnerable to two factor authentication bypass Moderate

GHSA-fx44-2wx5-5fvp was published for org.keycloak:keycloak-services (Maven) Apr 29, 2025 • withdrawn

Moodle makes some user data available before completing second factor with MFA enabled Moderate

CVE-2025-3627 was published for moodle/moodle (Composer) Apr 25, 2025

Moodle self enrollment available before completing second factor with MFA enabled Moderate

CVE-2025-3634 was published for moodle/moodle (Composer) Apr 25, 2025

Improper authentication vulnerability in WordPress versions prior to 6.0.3 allows a remote... Moderate Unreviewed

CVE-2022-43504 was published Dec 5, 2022

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2025-2771 was published Apr 23, 2025

VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability.... Moderate Unreviewed

CVE-2022-31701 was published Dec 14, 2022

A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue... Moderate Unreviewed

CVE-2025-3850 was published Apr 22, 2025

Previous 1…5…54 Next

Previous 1 2 3 4 5 6 7 … 53 54 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,334 advisories