GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 4,950
  Erlang: 39
  GitHub Actions: 38
  Go: 2,603
  Maven: 5,000+
  npm: 4,250
  NuGet: 755
  pip: 4,013
  Pub: 12
  RubyGems: 953
  Rust: 1,048
  Swift: 45
Unreviewed advisories
  All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
875 advisories

Dell Storage Center - Dell Storage Manager, version(s) 20.1.21, contain(s) an Improper...
Critical | Unreviewed | CVE-2025-43995 was published Oct 24, 2025

Improper authentication in the web-based management interface of NETLINK HG322G V1.0.00-231017,...
Critical | Unreviewed | CVE-2025-60772 was published Oct 21, 2025

TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
Critical | Unreviewed | CVE-2025-56447 was published Oct 22, 2025

The communication protocol implemented in Ghost Robotics Vision 60 v0.27.2 could allow an...
Critical | Unreviewed | CVE-2025-41108 was published Oct 22, 2025

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component:...
Critical | Unreviewed | CVE-2025-61882 was published Oct 5, 2025

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote...
Critical | Unreviewed | CVE-2024-53704 was published Jan 9, 2025

Remote command execution due to use of default passwords. The following products are affected:...
Critical | Unreviewed | CVE-2023-45249 was published Jul 24, 2024

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1...
Critical | Unreviewed | CVE-2024-7593 was published Aug 13, 2024

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication...
Critical | Unreviewed | CVE-2024-8956 was published Sep 17, 2024

Microsoft Exchange Server Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2024-21410 was published Feb 13, 2024

Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote...
Critical | Unreviewed | CVE-2023-35078 was published Jul 25, 2023

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users...
Critical | Unreviewed | CVE-2023-35082 was published Aug 15, 2023

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An...
Critical | Unreviewed | CVE-2023-28461 was published Mar 16, 2023

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and...
Critical | Unreviewed | CVE-2021-44077 was published Nov 30, 2021

Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code...
Critical | Unreviewed | CVE-2021-44515 was published Dec 13, 2021

Open Management Infrastructure Remote Code Execution Vulnerability
Critical | Unreviewed | CVE-2021-38647 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API...
Critical | Unreviewed | CVE-2021-40539 was published May 24, 2022

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the...
Critical | Unreviewed | CVE-2025-2747 was published Mar 24, 2025

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the...
Critical | Unreviewed | CVE-2025-2746 was published Mar 24, 2025

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability....
Critical | Unreviewed | CVE-2024-11680 was published Nov 26, 2024

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass...
Critical | Unreviewed | CVE-2021-22893 was published May 24, 2022

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows...
Critical | Unreviewed | CVE-2021-32030 was published May 24, 2022

An issue was discovered in Veritas Backup Exec before 21.2. It supports multiple authentication...
Critical | Unreviewed | CVE-2021-27877 was published May 24, 2022

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote...
Critical | Unreviewed | CVE-2020-10148 was published May 24, 2022

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version...
Critical | Unreviewed | CVE-2022-40684 was published Oct 18, 2022

ProTip! Advisories are also available from the GraphQL API