GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,306 advisories
Medtronic MyCareLink Smart 25000 all versions contain an authentication protocol vuln where the...
High | Unreviewed | CVE-2020-25183 was published May 24, 2022

In Medtronic MinMed 508 and Medtronic Minimed Paradigm Insulin Pumps, Versions, MiniMed 508 pump ...
High | Unreviewed | CVE-2019-10964 was published May 24, 2022

Improper Authentication vulnerability in Danfoss AKSM8xxA Series. This issue affects Danfoss AK-SM...
High | Unreviewed | CVE-2025-41450 was published May 8, 2025

Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged...
High | Unreviewed | CVE-2025-20083 was published May 13, 2025

Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper...
High | Unreviewed | CVE-2025-22477 was published May 6, 2025

BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local...
High | Unreviewed | CVE-2025-0217 was published May 5, 2025

ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code...
High | Unreviewed | CVE-2025-3935 was published Apr 25, 2025

An access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4...
High | Unreviewed | CVE-2022-44037 was published Nov 29, 2022

The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all...
High | Unreviewed | CVE-2024-11917 was published Apr 25, 2025

An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through...
High | Unreviewed | CVE-2022-46411 was published Dec 4, 2022

Denial of service in Modem module due to improper authorization while error handling in...
High | Unreviewed | CVE-2022-25685 was published Dec 13, 2022

Vulnerability in Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM). This issue...
High | Unreviewed | CVE-2025-27086 was published Apr 21, 2025

Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username:...
High | Unreviewed | CVE-2020-23935 was published May 24, 2022

A Trusted RFC connection in SAP KERNEL 32NUC, SAP KERNEL 32Unicode, SAP KERNEL 64NUC, SAP KERNEL...
High | Unreviewed | CVE-2017-16689 was published May 14, 2022

connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows...
High | Unreviewed | CVE-2017-16953 was published May 14, 2022

In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation...
High | Unreviewed | CVE-2017-0910 was published May 13, 2022

An issue was discovered in the software on Vaultek Gun Safe VT20i products, aka BlueSteal. An...
High | Unreviewed | CVE-2017-17435 was published May 14, 2022

An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017...
High | Unreviewed | CVE-2017-13872 was published May 14, 2022

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could...
High | Unreviewed | CVE-2017-12316 was published May 13, 2022

OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized...
High | Unreviewed | CVE-2017-10873 was published May 13, 2022

SAP Hostcontrol does not require authentication for the SOAP SAPControl endpoint. This is SAP...
High | Unreviewed | CVE-2017-15297 was published May 14, 2022

InFocus Mondopad 2.2.08 is vulnerable to authentication bypass when accessing uploaded files by...
High | Unreviewed | CVE-2017-14972 was published May 14, 2022

When MISP before 2.4.80 is configured with X.509 certificate authentication (CertAuth) in...
High | Unreviewed | CVE-2017-14337 was published May 17, 2022

dnsdist version 1.1.0 is vulnerable to a flaw in authentication mechanism for REST API...
High | Unreviewed | CVE-2017-7557 was published May 13, 2022

HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load...
High | Unreviewed | CVE-2017-2186 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.