GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,393
Composer 4,825
Erlang 36
GitHub Actions 32
Go 2,417
Maven 5,811
npm 4,054
NuGet 723
pip 3,845
Pub 12
RubyGems 933
Rust 1,005
Swift 38

Unreviewed advisories

All unreviewed 264,901

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

48 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges... Moderate Unreviewed

CVE-2025-47995 was published Jul 18, 2025

The protocol used for remote linking over RF for End-of-Train and Head-of-Train (also known as a... High Unreviewed

CVE-2025-1727 was published Jul 11, 2025

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges... High Unreviewed

CVE-2025-7326 was published Jul 8, 2025

Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue... Moderate Unreviewed

CVE-2025-47479 was published Jul 4, 2025

A username and password are required to authenticate to the central SinoTrack device management... High Unreviewed

CVE-2025-5484 was published Jun 12, 2025

An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and... Moderate Unreviewed

CVE-2024-32119 was published Jun 10, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17... Moderate Unreviewed

CVE-2025-0605 was published May 22, 2025

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there... Moderate Unreviewed

CVE-2025-32885 was published May 2, 2025

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The app there... Moderate Unreviewed

CVE-2025-32883 was published May 2, 2025

Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This... Critical Unreviewed

CVE-2025-39596 was published Apr 17, 2025

Weak authentication in Windows Active Directory Certificate Services allows an authorized... High Unreviewed

CVE-2025-27740 was published Apr 8, 2025

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature... Moderate Unreviewed

CVE-2025-26635 was published Apr 8, 2025

A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions),... Critical Unreviewed

CVE-2024-54092 was published Apr 8, 2025

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes... Moderate Unreviewed

CVE-2024-45551 was published Apr 7, 2025

Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol... Low Unreviewed

CVE-2025-29991 was published Apr 3, 2025

Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email... High Unreviewed

CVE-2025-31676 was published Apr 1, 2025

This vulnerability exists in the CAP back office application due to improper authentication check... High Unreviewed

CVE-2025-29994 was published Mar 13, 2025

Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged... High Unreviewed

CVE-2024-52541 was published Feb 19, 2025

Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerability, allowing... Critical Unreviewed

CVE-2025-1387 was published Feb 17, 2025

A CWE-1390 "Weak Authentication" in the PIN authentication mechanism in Q-Free MaxTime less than... High Unreviewed

CVE-2025-26343 was published Feb 12, 2025

A vulnerability in the ClearPass Policy Manager web-based management interface allows a low... High Unreviewed

CVE-2025-23058 was published Feb 4, 2025

Vulnerability in the JD Edwards EnterpriseOne Orchestrator product of Oracle JD Edwards ... Moderate Unreviewed

CVE-2025-21552 was published Jan 21, 2025

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1,... High Unreviewed

CVE-2024-50563 was published Jan 16, 2025

A weak authentication in Fortinet FortiOS versions 7.4.0 through 7.4.4, 7.2.0 through 7.2.8, 7.0... Critical Unreviewed

CVE-2024-48886 was published Jan 14, 2025

Weak Authentication vulnerability in Drupal Two-factor Authentication (TFA) allows Authentication... Critical Unreviewed

CVE-2024-13239 was published Jan 9, 2025

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

48 advisories