Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,732
Erlang
35
GitHub Actions
29
Go
2,310
Maven
5,000+
npm
3,949
NuGet
711
pip
3,728
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

198 advisories

Loading
An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious... Moderate Unreviewed
CVE-2023-43304 was published Dec 7, 2023
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed
CVE-2025-5067 was published May 27, 2025
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed
CVE-2025-1104 was published Feb 7, 2025
Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed... Moderate Unreviewed
CVE-2021-27853 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using combinations... Moderate Unreviewed
CVE-2021-27854 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27861 was published Sep 28, 2022
Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP... Moderate Unreviewed
CVE-2021-27862 was published Sep 28, 2022
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed
CVE-2025-3909 was published May 14, 2025
The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed
CVE-2025-48027 was published May 15, 2025
The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP... Moderate Unreviewed
CVE-2024-13685 was published Mar 4, 2025
Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed
CVE-2025-27695 was published May 8, 2025
An app could impersonate system notifications. Sensitive notifications now require restricted... Moderate Unreviewed
CVE-2025-24091 was published Apr 30, 2025
Authentication Bypass by Spoofing in github.com/greenpau/caddy-security Moderate
CVE-2024-21494 was published for github.com/greenpau/caddy-security (Go) Feb 17, 2024
OctoPrint Authenticated Reverse Proxy Page Authentication Bypass Moderate
CVE-2025-32788 was published for octoprint (pip) Apr 22, 2025
jacopotediosi
The Samsung TV (2021 and 2022 model) smart remote control allows attackers to enable microphone... Moderate Unreviewed
CVE-2022-44636 was published Dec 13, 2022
When exiting fullscreen mode, an iframe could have confused the browser about the current state... Moderate Unreviewed
CVE-2022-31738 was published Dec 22, 2022
In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system... Moderate Unreviewed
CVE-2023-5616 was published Apr 15, 2025
Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing.... Moderate Unreviewed
CVE-2025-32275 was published Apr 10, 2025
Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing... Moderate Unreviewed
CVE-2025-32227 was published Apr 10, 2025
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for... Moderate Unreviewed
CVE-1999-0012 was published Apr 30, 2022
Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings... Moderate Unreviewed
CVE-2023-40332 was published Jun 4, 2024
An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4,... Moderate Unreviewed
CVE-2022-3820 was published Jan 26, 2023
Authentication bypass in the 2FA feature in Devolutions Server 2024.1.14.0 and earlier allows an... Moderate Unreviewed
CVE-2024-4846 was published Jun 25, 2024
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been... Moderate Unreviewed
CVE-2024-1547 was published Feb 20, 2024
Spring Security Vulnerable to Authorization Bypass via Security Annotations Moderate
CVE-2025-22223 was published for org.springframework.security:spring-security-core (Maven) Mar 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database