GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,614
Composer 4,714
Erlang 34
GitHub Actions 28
Go 2,301
Maven 5,576
npm 3,942
NuGet 711
pip 3,711
Pub 12
RubyGems 920
Rust 960
Swift 38

Unreviewed advisories

All unreviewed 256,969

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,098 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed

CVE-2025-5149 was published May 25, 2025

An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed

CVE-2024-7487 was published May 22, 2025

An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded... Moderate Unreviewed

CVE-2025-32815 was published May 22, 2025

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as... Moderate Unreviewed

CVE-2025-4755 was published May 16, 2025

Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-26685 was published May 13, 2025

The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS... Moderate Unreviewed

CVE-2025-31228 was published May 13, 2025

A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected... Moderate Unreviewed

CVE-2025-4494 was published May 10, 2025

Bypass vulnerability in the network search instruction authentication module Impact: Successful... Moderate Unreviewed

CVE-2025-46590 was published May 6, 2025

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... Moderate Unreviewed

CVE-2025-4268 was published May 5, 2025

Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed

CVE-2025-46631 was published May 2, 2025

Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed

CVE-2025-46630 was published May 2, 2025

A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160.... Moderate Unreviewed

CVE-2025-4015 was published Apr 28, 2025

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to... Moderate Unreviewed

CVE-2025-4019 was published Apr 28, 2025

A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to... Moderate Unreviewed

CVE-2025-4018 was published Apr 28, 2025

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2025-2771 was published Apr 23, 2025

A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue... Moderate Unreviewed

CVE-2025-3850 was published Apr 22, 2025

Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that... Moderate Unreviewed

CVE-2025-30733 was published Apr 15, 2025

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass... Moderate Unreviewed

CVE-2024-44843 was published Apr 15, 2025

In JotUrl 2.0, is possible to bypass security requirements during the password change process. Moderate Unreviewed

CVE-2025-24949 was published Apr 15, 2025

In WhatsUp Gold versions released before 2024.0.3, a database manipulation vulnerability... Moderate Unreviewed

CVE-2025-2572 was published Apr 14, 2025

Spring Cloud Config Server may not use Vault token sent by clients using a X-CONFIG-TOKEN header... Moderate Unreviewed

CVE-2025-22232 was published Apr 10, 2025

A vulnerability has been found in qinguoyi TinyWebServer up to 1.0 and classified as critical.... Moderate Unreviewed

CVE-2025-3268 was published Apr 4, 2025

Vulnerability in Drupal Drupal Admin LTE theme.This issue affects Drupal Admin LTE theme: *.*. Moderate Unreviewed

CVE-2025-3062 was published Apr 1, 2025

Vulnerability in Drupal Material Admin.This issue affects Material Admin: *.*. Moderate Unreviewed

CVE-2025-3061 was published Apr 1, 2025

A logic issue was addressed with improved state management. This issue is fixed in visionOS 2.4,... Moderate Unreviewed

CVE-2025-30432 was published Apr 1, 2025

Previous 1 2 3 4 5 … 43 44 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,098 advisories