GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,675
Composer 4,722
Erlang 35
GitHub Actions 29
Go 2,306
Maven 5,597
npm 3,947
NuGet 711
pip 3,727
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,345

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,306 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the... High Unreviewed

CVE-2020-25183 was published May 24, 2022

In Medtronic MinMed 508 and Medtronic Minimed Paradigm Insulin Pumps, Versions, MiniMed 508 pump ... High Unreviewed

CVE-2019-10964 was published May 24, 2022

Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM... High Unreviewed

CVE-2025-41450 was published May 8, 2025

Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged... High Unreviewed

CVE-2025-20083 was published May 13, 2025

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper... High Unreviewed

CVE-2025-22477 was published May 6, 2025

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local... High Unreviewed

CVE-2025-0217 was published May 5, 2025

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code... High Unreviewed

CVE-2025-3935 was published Apr 25, 2025

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4... High Unreviewed

CVE-2022-44037 was published Nov 29, 2022

The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed

CVE-2024-11917 was published Apr 25, 2025

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through... High Unreviewed

CVE-2022-46411 was published Dec 4, 2022

Denial of service in Modem module due to improper authorization while error handling in... High Unreviewed

CVE-2022-25685 was published Dec 13, 2022

Vulnerability in Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM).This issue... High Unreviewed

CVE-2025-27086 was published Apr 21, 2025

Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username:... High Unreviewed

CVE-2020-23935 was published May 24, 2022

A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL... High Unreviewed

CVE-2017-16689 was published May 14, 2022

connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows... High Unreviewed

CVE-2017-16953 was published May 14, 2022

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation... High Unreviewed

CVE-2017-0910 was published May 13, 2022

An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An... High Unreviewed

CVE-2017-17435 was published May 14, 2022

An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017... High Unreviewed

CVE-2017-13872 was published May 14, 2022

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could... High Unreviewed

CVE-2017-12316 was published May 13, 2022

OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized... High Unreviewed

CVE-2017-10873 was published May 13, 2022

SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP... High Unreviewed

CVE-2017-15297 was published May 14, 2022

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by... High Unreviewed

CVE-2017-14972 was published May 14, 2022

When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in... High Unreviewed

CVE-2017-14337 was published May 17, 2022

dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API... High Unreviewed

CVE-2017-7557 was published May 13, 2022

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load... High Unreviewed

CVE-2017-2186 was published May 17, 2022

Previous 1 2 3 4 5 … 52 53 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,306 advisories