GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,535 advisories
The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all...
High | Unreviewed | CVE-2024-11917 was published Apr 25, 2025
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through...
High | Unreviewed | CVE-2022-46411 was published Dec 4, 2022
Denial of service in Modem module due to improper authorization while error handling in...
High | Unreviewed | CVE-2022-25685 was published Dec 13, 2022
Vulnerability in Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM). This issue...
High | Unreviewed | CVE-2025-27086 was published Apr 21, 2025
Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username:...
High | Unreviewed | CVE-2020-23935 was published May 24, 2022
A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL...
High | Unreviewed | CVE-2017-16689 was published May 14, 2022
connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows...
High | Unreviewed | CVE-2017-16953 was published May 14, 2022
In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation...
High | Unreviewed | CVE-2017-0910 was published May 13, 2022
An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An...
High | Unreviewed | CVE-2017-17435 was published May 14, 2022
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017...
High | Unreviewed | CVE-2017-13872 was published May 14, 2022
A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could...
High | Unreviewed | CVE-2017-12316 was published May 13, 2022
OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized...
High | Unreviewed | CVE-2017-10873 was published May 13, 2022
SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP...
High | Unreviewed | CVE-2017-15297 was published May 14, 2022
InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by...
High | Unreviewed | CVE-2017-14972 was published May 14, 2022
When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in...
High | Unreviewed | CVE-2017-14337 was published May 17, 2022
dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API...
High | Unreviewed | CVE-2017-7557 was published May 13, 2022
HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load...
High | Unreviewed | CVE-2017-2186 was published May 17, 2022
The lockscreen on Elephone P9000 devices (running Android 6.0) allows physically proximate...
High | Unreviewed | CVE-2017-10709 was published May 13, 2022
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1,...
High | Unreviewed | CVE-2017-8495 was published May 17, 2022
A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows...
High | Unreviewed | CVE-2017-9552 was published May 13, 2022
login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass...
High | Unreviewed | CVE-2017-9100 was published May 13, 2022
An issue was discovered in Personify360 e-Business 7.5.2 through 7.6.1. When going to the /TabId...
High | Unreviewed | CVE-2017-7314 was published May 17, 2022
An attacker that has hijacked a Unitrends Enterprise Backup (before 9.1.2) web server session can...
High | Unreviewed | CVE-2017-7284 was published May 13, 2022
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer...
High | Unreviewed | CVE-2016-9463 was published May 13, 2022
Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions...
High | Unreviewed | CVE-2017-2689 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.