Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,334 advisories

Loading
KubeVirt's Improper TLS Certificate Management Handling Allows API Identity Spoofing Moderate
CVE-2025-64434 was published for kubevirt.io/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
Credited to mihailkirov and Faeris95
When a master password is set, it is required to be entered again before stored passwords can be... Moderate Unreviewed
CVE-2019-11733 was published May 24, 2022
A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical.... Moderate Unreviewed
CVE-2025-7897 was published Jul 20, 2025
KubeVirt Affected by an Authentication Bypass in Kubernetes Aggregation Layer Moderate
CVE-2025-64432 was published for kubevirt.io/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
xpivarc
Credited to mihailkirov, Faeris95, and xpivarc
Pekko Management may not properly apply authenticator when Basic Authentication is enabled Moderate
CVE-2025-46548 was published for com.lightbend.akka.management:akka-management_2.12 (Maven) Jun 3, 2025
pjfanning
Credited to pjfanning
A vulnerability was found in SimStudioAI sim up to 37786d371e17d35e0764e1b5cd519d873d90d97b. It... Moderate Unreviewed
CVE-2025-7114 was published Jul 7, 2025
sudo-rs doesn't record authenticating user properly in timestamp Moderate
CVE-2025-64517 was published for sudo-rs (Rust) Nov 13, 2025
Pingasmaster bjorn3
squell
Credited to Pingasmaster, bjorn3, and squell
When multiple server blocks are configured to share the same IP address and port, an attacker can... Moderate Unreviewed
CVE-2025-23419 was published Feb 5, 2025
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),... Moderate Unreviewed
CVE-2022-30229 was published Jun 15, 2022
Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username... Moderate Unreviewed
CVE-2025-56764 was published Sep 29, 2025
pimcore/admin-ui-classic-bundle Unverified Password Change Moderate
CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023
Th3l0newolf tjuyuxinzhang
Credited to Th3l0newolf and tjuyuxinzhang
Schneider Electric StruxureWare SCADA Expert ClearSCADA 2010 R3 through 2014 R1 allows remote... Moderate Unreviewed
CVE-2014-5412 was published May 14, 2022
The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS... Moderate Unreviewed
CVE-2024-23219 was published Jan 23, 2024
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit... Moderate Unreviewed
CVE-2020-26558 was published May 24, 2022
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a... Moderate Unreviewed
CVE-2023-52160 was published Feb 22, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2023-42935 was published Jan 23, 2024
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn... Moderate Unreviewed
CVE-2023-4498 was published Sep 6, 2023
This issue was addressed through improved state management. This issue is fixed in macOS Sonoma... Moderate Unreviewed
CVE-2024-40794 was published Jul 30, 2024
In preloader, there is a possible escalation of privilege due to an insecure default value. This... Moderate Unreviewed
CVE-2025-20730 was published Nov 4, 2025
An authentication issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed
CVE-2024-44202 was published Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and... Moderate Unreviewed
CVE-2024-44127 was published Sep 17, 2024
A logic issue was addressed with improved state management. This issue is fixed in visionOS 2.4,... Moderate Unreviewed
CVE-2025-30432 was published Apr 1, 2025
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed
CVE-2023-40660 was published Nov 6, 2023
The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS... Moderate Unreviewed
CVE-2025-31228 was published May 13, 2025
A vulnerability was found in libssh, where the authentication check of the connecting client can... Moderate Unreviewed
CVE-2023-2283 was published May 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database