Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,715
Erlang
34
GitHub Actions
28
Go
2,302
Maven
5,000+
npm
3,946
NuGet
711
pip
3,716
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,099 advisories

Loading
A logic issue was addressed with improved state management. This issue is fixed in visionOS 2.4,... Moderate Unreviewed
CVE-2025-30432 was published Apr 1, 2025
An attacker with access to the network where the vulnerable device is located could capture... Moderate Unreviewed
CVE-2025-2859 was published Mar 28, 2025
In infiniflow/ragflow version v0.12.0, there is an improper authentication vulnerability that... Moderate Unreviewed
CVE-2024-12869 was published Mar 20, 2025
Dell Secure Connect Gateway (SCG) 5.0 Appliance - SRS, version(s) 5.26, Enables Live-Restore... Moderate Unreviewed
CVE-2025-26475 was published Mar 19, 2025
A vulnerability was found in Keytop 路内停车收费系统 2.7.1. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-2388 was published Mar 17, 2025
A vulnerability, which was classified as critical, has been found in IROAD Dash Cam X5 and Dash... Moderate Unreviewed
CVE-2025-2344 was published Mar 16, 2025
A vulnerability was found in otale Tale Blog 2.0.5. It has been classified as problematic. This... Moderate Unreviewed
CVE-2025-2339 was published Mar 16, 2025
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to... Moderate Unreviewed
CVE-2025-25450 was published Mar 6, 2025
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a remote attacker to... Moderate Unreviewed
CVE-2025-25452 was published Mar 6, 2025
An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a physically proximate... Moderate Unreviewed
CVE-2025-25451 was published Mar 6, 2025
Scanning certain QR codes that included text with a website URL could allow the URL to be opened... Moderate Unreviewed
CVE-2025-27425 was published Mar 4, 2025
While processing the authentication message in UE, improper authentication may lead to... Moderate Unreviewed
CVE-2024-38426 was published Mar 3, 2025
A flaw in Gliffy results in broken authentication through the reset functionality of the... Moderate Unreviewed
CVE-2024-5174 was published Feb 24, 2025
An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate... Moderate Unreviewed
CVE-2024-54916 was published Feb 12, 2025
Windows Remote Desktop Configuration Service Tampering Vulnerability Moderate Unreviewed
CVE-2025-21349 was published Feb 11, 2025
An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to... Moderate Unreviewed
CVE-2024-52968 was published Feb 11, 2025
Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an... Moderate Unreviewed
CVE-2025-1231 was published Feb 11, 2025
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed
CVE-2025-1104 was published Feb 7, 2025
When multiple server blocks are configured to share the same IP address and port, an attacker can... Moderate Unreviewed
CVE-2025-23419 was published Feb 5, 2025
If LDAP settings are accessed, authentication could be redirected to another server, potentially... Moderate Unreviewed
CVE-2024-12510 was published Feb 3, 2025
API Security bypass through header manipulation Moderate Unreviewed
CVE-2024-55925 was published Jan 23, 2025
HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys,... Moderate Unreviewed
CVE-2024-42172 was published Jan 11, 2025
A user with administrator privileges is able to retrieve authentication tokens Moderate Unreviewed
CVE-2024-9133 was published Jan 11, 2025
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2024-13309 was published Jan 9, 2025
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful... Moderate Unreviewed
CVE-2024-56445 was published Jan 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database