Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

989 advisories

Loading
An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added... Critical Unreviewed
CVE-2018-18505 was published May 13, 2022
lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper... Critical Unreviewed
CVE-2025-9803 was published Nov 25, 2025
The R.V.R Elettronica TEX product (firmware TEXL-000400, Web GUI TLAN-000400) is vulnerable to... Critical Unreviewed
CVE-2025-63207 was published Nov 19, 2025
The Newtec Celox UHD (models: CELOXA504, CELOXA820) running firmware version celox-21.6.13 is... Critical Unreviewed
CVE-2025-63210 was published Nov 19, 2025
The Itel DAB Encoder (IDEnc build 25aec8d) is vulnerable to Authentication Bypass due to improper... Critical Unreviewed
CVE-2025-63224 was published Nov 19, 2025
The Itel DAB Gateway (IDGat build c041640a) is vulnerable to Authentication Bypass due to... Critical Unreviewed
CVE-2025-63216 was published Nov 19, 2025
Milvus Proxy has a Critical Authentication Bypass Vulnerability Critical
CVE-2025-64513 was published for github.com/milvus-io/milvus (Go) Nov 13, 2025
Improper Authentication vulnerability in GE Vernova Smallworld on Windows, Linux allows... Critical Unreviewed
CVE-2025-3222 was published Nov 7, 2025
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the... Critical Unreviewed
CVE-2025-2747 was published Mar 24, 2025
An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the... Critical Unreviewed
CVE-2025-2746 was published Mar 24, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Critical Unreviewed
CVE-2024-23255 was published Mar 8, 2024
An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access... Critical Unreviewed
CVE-2024-7395 was published Aug 5, 2024
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by... Critical Unreviewed
CVE-2017-3167 was published May 13, 2022
This issue was addressed through improved state management. This issue is fixed in visionOS 2.4,... Critical Unreviewed
CVE-2025-30430 was published Apr 1, 2025
Improper authentication vulnerability in Novakon P series allows unauthenticated attackers to... Critical Unreviewed
CVE-2025-9965 was published Sep 23, 2025
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2... Critical Unreviewed
CVE-2025-32975 was published Jun 26, 2025
The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an... Critical Unreviewed
CVE-2025-9994 was published Sep 9, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application 20.0.2368... Critical Unreviewed
CVE-2025-27641 was published Mar 5, 2025
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication... Critical Unreviewed
CVE-2022-0547 was published Mar 19, 2022
A flaw was found in 389-ds-base. If an asterisk is imported as password hashes, either... Critical Unreviewed
CVE-2021-3652 was published Apr 19, 2022
The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an... Critical Unreviewed
CVE-2025-41108 was published Oct 22, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper... Critical Unreviewed
CVE-2025-43995 was published Oct 24, 2025
Authentication bypass in Apache Airflow Critical
CVE-2020-13927 was published for apache-airflow (pip) Apr 30, 2021
sunSUNQ
Credited to sunSUNQ
Improper authentication in the web-based management interface of NETLINK HG322G V1.0.00-231017,... Critical Unreviewed
CVE-2025-60772 was published Oct 21, 2025
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure. Critical Unreviewed
CVE-2025-56447 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database