GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,693
Composer 4,732
Erlang 35
GitHub Actions 29
Go 2,310
Maven 5,598
npm 3,949
NuGet 711
pip 3,728
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,392

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

317 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses... Critical Unreviewed

CVE-2023-41591 was published May 29, 2025

Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed

CVE-2025-5067 was published May 27, 2025

The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed

CVE-2025-48027 was published May 15, 2025

Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an... High Unreviewed

CVE-2025-3875 was published May 14, 2025

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed

CVE-2025-3909 was published May 14, 2025

Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed

CVE-2025-27695 was published May 8, 2025

An app could impersonate system notifications. Sensitive notifications now require restricted... Moderate Unreviewed

CVE-2025-24091 was published Apr 30, 2025

An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP... High Unreviewed

CVE-2025-28128 was published Apr 25, 2025

Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in... High Unreviewed

CVE-2025-29621 was published Apr 22, 2025

There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this... High Unreviewed

CVE-2025-2188 was published Apr 17, 2025

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system... Moderate Unreviewed

CVE-2023-5616 was published Apr 15, 2025

Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing... Moderate Unreviewed

CVE-2025-32227 was published Apr 10, 2025

Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing.... Moderate Unreviewed

CVE-2025-32275 was published Apr 10, 2025

An issue in TOTVS Framework (Linha Protheus) 12.1.2310 allows attackers to bypass multi-factor... Critical Unreviewed

CVE-2024-55210 was published Apr 9, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed

CVE-2025-31170 was published Apr 7, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed

CVE-2024-58124 was published Apr 7, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed

CVE-2024-58127 was published Apr 7, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed

CVE-2024-58126 was published Apr 7, 2025

Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed

CVE-2024-58125 was published Apr 7, 2025

A crafted URL containing specific Unicode characters could have hidden the true origin of the... High Unreviewed

CVE-2025-3029 was published Apr 1, 2025

An issue was discovered on G-Net Dashcam BB GONX devices. Bypassing of Device Pairing can occur.... High Unreviewed

CVE-2025-30142 was published Mar 18, 2025

On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's... Moderate Unreviewed

CVE-2025-30110 was published Mar 18, 2025

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication... Critical Unreviewed

CVE-2024-54085 was published Mar 11, 2025

Certain crafted MIME email messages that claimed to contain an encrypted OpenPGP message, which... High Unreviewed

CVE-2025-26696 was published Mar 10, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27671 was published Mar 5, 2025

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

317 advisories