Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,552
Maven
5,000+
npm
4,224
NuGet
746
pip
3,999
Pub
12
RubyGems
953
Rust
1,041
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,323 advisories

Loading
A vulnerability was found in ProjectsAndPrograms School Management System up to... Moderate Unreviewed
CVE-2025-11661 was published Oct 13, 2025
A vulnerability was identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Moderate Unreviewed
CVE-2025-11633 was published Oct 12, 2025
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to... Moderate Unreviewed
CVE-2025-4018 was published Apr 28, 2025
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to... Moderate Unreviewed
CVE-2025-4019 was published Apr 28, 2025
An attacker with access to the network where the vulnerable device is located could capture... Moderate Unreviewed
CVE-2025-2859 was published Mar 28, 2025
MCPHub has an Improper Authorization vulnerability via its handleSseConnection function Moderate
CVE-2025-11287 was published for @samanhappy/mcphub (npm) Oct 5, 2025
A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function... Moderate Unreviewed
CVE-2025-11529 was published Oct 9, 2025
An improper authentication vulnerability has been reported to affect QNAP Authenticator. If an... Moderate Unreviewed
CVE-2025-54154 was published Oct 3, 2025
A vulnerability, which was classified as critical, has been found in xxyopen/201206030 novel-plus... Moderate Unreviewed
CVE-2025-6533 was published Jun 26, 2025
Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username... Moderate Unreviewed
CVE-2025-56764 was published Sep 29, 2025
Dragonfly's manager makes requests to external endpoints with disabled TLS authentication Moderate
CVE-2025-59347 was published for d7y.io/dragonfly/v2 (Go) Sep 17, 2025
gaius-qi
Credited to gaius-qi
A cross-tenant authentication vulnerability exists in multiple WSO2 products due to improper... Moderate Unreviewed
CVE-2025-0663 was published Sep 23, 2025
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains... Moderate Unreviewed
CVE-2024-13088 was published Jun 6, 2025
An improper authentication vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed
CVE-2024-48859 was published Dec 6, 2024
A vulnerability was identified in huggingface LeRobot up to 0.3.3. Affected by this vulnerability... Moderate Unreviewed
CVE-2025-10772 was published Sep 22, 2025
API Security bypass through header manipulation Moderate Unreviewed
CVE-2024-55925 was published Jan 23, 2025
A vulnerability was found in newbee-mall 1.0. Impacted is the function mallKaptcha of the file ... Moderate Unreviewed
CVE-2025-10423 was published Sep 15, 2025
Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods Moderate
CVE-2025-58065 was published for flask-appbuilder (pip) Sep 11, 2025
A vulnerability was found in roncoo roncoo-pay up to 9428382af21cd5568319eae7429b7e1d0332ff40.... Moderate Unreviewed
CVE-2025-10288 was published Sep 12, 2025
Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One 2.0.2... Moderate Unreviewed
CVE-2025-10224 was published Sep 10, 2025
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0... Moderate Unreviewed
CVE-2025-52054 was published Aug 28, 2025
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown... Moderate Unreviewed
CVE-2025-9533 was published Aug 27, 2025
matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content Moderate
CVE-2024-36402 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects... Moderate Unreviewed
CVE-2025-9100 was published Aug 18, 2025
A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an... Moderate Unreviewed
CVE-2025-8964 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database