GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,688
Composer 4,731
Erlang 35
GitHub Actions 29
Go 2,308
Maven 5,597
npm 3,949
NuGet 711
pip 3,727
Pub 12
RubyGems 920
Rust 964
Swift 38

Unreviewed advisories

All unreviewed 257,355

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,268 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This... Moderate Unreviewed

CVE-2025-5247 was published May 27, 2025

A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed

CVE-2025-5149 was published May 25, 2025

An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed

CVE-2024-7487 was published May 22, 2025

An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded... Moderate Unreviewed

CVE-2025-32815 was published May 22, 2025

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as... Moderate Unreviewed

CVE-2025-4755 was published May 16, 2025

Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-26685 was published May 13, 2025

The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS... Moderate Unreviewed

CVE-2025-31228 was published May 13, 2025

A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected... Moderate Unreviewed

CVE-2025-4494 was published May 10, 2025

Bypass vulnerability in the network search instruction authentication module Impact: Successful... Moderate Unreviewed

CVE-2025-46590 was published May 6, 2025

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... Moderate Unreviewed

CVE-2025-4268 was published May 5, 2025

Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed

CVE-2025-46631 was published May 2, 2025

Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed

CVE-2025-46630 was published May 2, 2025

@cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate

CVE-2025-4144 was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025

Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate

GHSA-vh4h-fvqf-q9wv was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025 • withdrawn

Keycloak vulnerable to two factor authentication bypass Moderate

CVE-2025-3910 was published for org.keycloak:keycloak-services (Maven) Apr 30, 2025

Duplicate Advisory: Keycloak vulnerable to two factor authentication bypass Moderate

GHSA-fx44-2wx5-5fvp was published for org.keycloak:keycloak-services (Maven) Apr 29, 2025 • withdrawn

A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160.... Moderate Unreviewed

CVE-2025-4015 was published Apr 28, 2025

A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to... Moderate Unreviewed

CVE-2025-4019 was published Apr 28, 2025

A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to... Moderate Unreviewed

CVE-2025-4018 was published Apr 28, 2025

Moodle self enrollment available before completing second factor with MFA enabled Moderate

CVE-2025-3634 was published for moodle/moodle (Composer) Apr 25, 2025

Moodle makes some user data available before completing second factor with MFA enabled Moderate

CVE-2025-3627 was published for moodle/moodle (Composer) Apr 25, 2025

BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2025-2771 was published Apr 23, 2025

A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue... Moderate Unreviewed

CVE-2025-3850 was published Apr 22, 2025

Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that... Moderate Unreviewed

CVE-2025-30733 was published Apr 15, 2025

An issue in the web socket handshake process of SteVe v3.7.1 allows attackers to bypass... Moderate Unreviewed

CVE-2024-44843 was published Apr 15, 2025

Previous 1 2 3 4 5 … 50 51 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,268 advisories