Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,779 advisories

Loading
A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This... Moderate Unreviewed
CVE-2025-5247 was published May 27, 2025
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-5149 was published May 25, 2025
An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed
CVE-2024-7487 was published May 22, 2025
An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass... Critical Unreviewed
CVE-2024-41195 was published May 22, 2025
An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41197 was published May 22, 2025
An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows attackers to bypass... Critical Unreviewed
CVE-2024-41196 was published May 22, 2025
An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41198 was published May 22, 2025
An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded... Moderate Unreviewed
CVE-2025-32815 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34026 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34027 was published May 22, 2025
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login... Critical Unreviewed
CVE-2025-44083 was published May 21, 2025
A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1... Critical Unreviewed
CVE-2025-4978 was published May 20, 2025
laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions Critical
GHSA-9fwj-9mjf-rhj3 was published for auth0/login (Composer) May 17, 2025
Sideni
Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions Critical
GHSA-2f4r-34m4-3w8q was published for auth0/wordpress (Composer) May 17, 2025
Sideni
Auth0 Symfony SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions Critical
GHSA-9wg9-93h9-j8ch was published for auth0/symfony (Composer) May 17, 2025
Sideni
Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK Critical
CVE-2025-47275 was published for auth0/auth0-php (Composer) May 16, 2025
Sideni kevinroh-okta
A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as... Moderate Unreviewed
CVE-2025-4755 was published May 16, 2025
Jenkins WSO2 Oauth Plugin Fails to Properly Authenticate User Credentials High
CVE-2025-47889 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 14, 2025
Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged... High Unreviewed
CVE-2025-20083 was published May 13, 2025
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-26685 was published May 13, 2025
The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS... Moderate Unreviewed
CVE-2025-31228 was published May 13, 2025
Improper authentication handling was identified in a set of HTTP POST requests affecting the... Critical Unreviewed
CVE-2025-3659 was published May 12, 2025
A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected... Moderate Unreviewed
CVE-2025-4494 was published May 10, 2025
On affected versions of the CloudVision Portal, improper access controls could enable a malicious... Critical Unreviewed
CVE-2024-11186 was published May 8, 2025
Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM... High Unreviewed
CVE-2025-41450 was published May 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database