GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,722
Erlang
35
GitHub Actions
29
Go
2,306
Maven
5,000+
npm
3,947
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,306 advisories
Filter by severity
Improper authentication in the firmware for the Intel(R) Slim Bootloader may allow a privileged...
High
Unreviewed
CVE-2025-20083
was published
May 13, 2025
Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM...
High
Unreviewed
CVE-2025-41450
was published
May 8, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper...
High
Unreviewed
CVE-2025-22477
was published
May 6, 2025
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local...
High
Unreviewed
CVE-2025-0217
was published
May 5, 2025
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code...
High
Unreviewed
CVE-2025-3935
was published
Apr 25, 2025
The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all...
High
Unreviewed
CVE-2024-11917
was published
Apr 25, 2025
Vulnerability in Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM).This issue...
High
Unreviewed
CVE-2025-27086
was published
Apr 21, 2025
ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper...
High
Unreviewed
CVE-2025-30287
was published
Apr 8, 2025
Guangzhou Hongfan Technology Co., LTD. iOffice20 has any user login vulnerability. An attacker...
High
Unreviewed
CVE-2024-57490
was published
Mar 21, 2025
An issue was discovered on the Forvia Hella HELLA Driving Recorder DR 820. Remotely Dumping of...
High
Unreviewed
CVE-2025-30116
was published
Mar 18, 2025
A flaw exists in the Windows login flow where an AuthContext token can
be exploited for replay...
High
Unreviewed
CVE-2025-2230
was published
Mar 13, 2025
CWE-287: Improper Authentication vulnerability exists that could cause an Authentication Bypass...
High
Unreviewed
CVE-2025-0813
was published
Mar 12, 2025
Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication...
High
Unreviewed
CVE-2025-27254
was published
Mar 10, 2025
The miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) Pro Addon plugin...
High
Unreviewed
CVE-2024-11087
was published
Mar 8, 2025
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account...
High
Unreviewed
CVE-2025-1723
was published
Mar 3, 2025
A vulnerability in the remote connection complements of the NVDA (Nonvisual Desktop Access) 2024...
High
Unreviewed
CVE-2025-26326
was published
Feb 28, 2025
A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary...
High
Unreviewed
CVE-2025-1024
was published
Feb 19, 2025
A vulnerability in the Netgear DGN2200 router with firmware version v1.0.0.46 and earlier permits...
High
Unreviewed
CVE-2024-57046
was published
Feb 18, 2025
A vulnerability exists in ChurchCRM 5.13.0 and prior that allows an attacker to hijack a user's...
High
Unreviewed
CVE-2025-0981
was published
Feb 18, 2025
The Customer Email Verification for WooCommerce plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-13528
was published
Feb 12, 2025
Tenda W18E V16.01.0.8(1625) suffers from authentication bypass in the web management portal...
High
Unreviewed
CVE-2024-46434
was published
Feb 10, 2025
A denial-of-service vulnerability exists in CyberPower PowerPanel Business (PPB) 4.11.0.
An...
High
Unreviewed
CVE-2024-11322
was published
Jan 15, 2025
In OPPOStore iOS App, there's a possible escalation of privilege due to improper input validation.
High
Unreviewed
CVE-2024-1609
was published
Dec 25, 2024
The AirVantage platform is vulnerable to an unauthorized attacker registering previously...
High
Unreviewed
CVE-2023-31279
was published
Dec 21, 2024
In OPPO Store APP, there's a possible escalation of privilege due to improper input validation.
High
Unreviewed
CVE-2024-1610
was published
Dec 18, 2024
ProTip!
Advisories are also available from the
GraphQL API