Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

836 advisories

Loading
An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41197 was published May 22, 2025
An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41198 was published May 22, 2025
An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass... Critical Unreviewed
CVE-2024-41195 was published May 22, 2025
An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows attackers to bypass... Critical Unreviewed
CVE-2024-41196 was published May 22, 2025
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login... Critical Unreviewed
CVE-2025-44083 was published May 21, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34026 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34027 was published May 22, 2025
A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1... Critical Unreviewed
CVE-2025-4978 was published May 20, 2025
The fingerprint module has service logic errors.Successful exploitation of this vulnerability... Critical Unreviewed
CVE-2022-38982 was published Oct 14, 2022
Sensitive information disclosure in NetScaler Console Critical Unreviewed
CVE-2024-6235 was published Jul 10, 2024
Improper authentication handling was identified in a set of HTTP POST requests affecting the... Critical Unreviewed
CVE-2025-3659 was published May 12, 2025
In Delinea PAM Secret Server 11.4, it is possible for a user (with access to the Report... Critical Unreviewed
CVE-2024-25652 was published Mar 14, 2024
On affected versions of the CloudVision Portal, improper access controls could enable a malicious... Critical Unreviewed
CVE-2024-11186 was published May 8, 2025
In affected versions of Octopus Server where access is managed by an external authentication... Critical Unreviewed
CVE-2022-2572 was published Nov 1, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0992 was published Apr 20, 2022
D-Link DIR-878 1.02B05 is vulnerable to Incorrect Access Control. Critical Unreviewed
CVE-2022-44801 was published Nov 22, 2022
The WebConfig functionality of Epson TM-C3500 and TM-C7500 devices with firmware version WAM31500... Critical Unreviewed
CVE-2022-36133 was published Nov 25, 2022
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication... Critical Unreviewed
CVE-2022-0547 was published Mar 19, 2022
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass... Critical Unreviewed
CVE-2023-44752 was published Apr 22, 2025
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4... Critical Unreviewed
CVE-2022-42458 was published Dec 7, 2022
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does... Critical Unreviewed
CVE-2017-16684 was published May 14, 2022
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web... Critical Unreviewed
CVE-2017-17560 was published May 14, 2022
The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username,... Critical Unreviewed
CVE-2017-16562 was published May 13, 2022
Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an... Critical Unreviewed
CVE-2017-8861 was published May 13, 2022
The function in charge to check whether the user is already logged in init.php in Interspire... Critical Unreviewed
CVE-2017-14322 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database