Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,277 advisories

Loading
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains... Moderate Unreviewed
CVE-2024-13088 was published Jun 6, 2025
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1... Moderate Unreviewed
CVE-2025-5512 was published Jun 3, 2025
Pekko Management may not properly apply authenticator when Basic Authentication enabled Moderate
CVE-2025-46548 was published for com.lightbend.akka.management:akka-management_2.12 (Maven) Jun 3, 2025
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical.... Moderate Unreviewed
CVE-2025-5495 was published Jun 3, 2025
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected... Moderate Unreviewed
CVE-2025-5437 was published Jun 2, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2025-31264 was published May 30, 2025
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11... Moderate Unreviewed
CVE-2025-48746 was published May 28, 2025
A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This... Moderate Unreviewed
CVE-2025-5247 was published May 27, 2025
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-5149 was published May 25, 2025
An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed
CVE-2024-7487 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-0605 was published May 22, 2025
An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded... Moderate Unreviewed
CVE-2025-32815 was published May 22, 2025
A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as... Moderate Unreviewed
CVE-2025-4755 was published May 16, 2025
Improper authentication in Microsoft Defender for Identity allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-26685 was published May 13, 2025
The issue was addressed with improved authentication. This issue is fixed in iPadOS 17.7.7, iOS... Moderate Unreviewed
CVE-2025-31228 was published May 13, 2025
A vulnerability, which was classified as critical, was found in JAdmin-JAVA JAdmin 1.0. Affected... Moderate Unreviewed
CVE-2025-4494 was published May 10, 2025
Bypass vulnerability in the network search instruction authentication module Impact: Successful... Moderate Unreviewed
CVE-2025-46590 was published May 6, 2025
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... Moderate Unreviewed
CVE-2025-4268 was published May 5, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46631 was published May 2, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46630 was published May 2, 2025
@cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate
CVE-2025-4144 was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025
Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate
GHSA-vh4h-fvqf-q9wv was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025 withdrawn
Keycloak vulnerable to two factor authentication bypass Moderate
CVE-2025-3910 was published for org.keycloak:keycloak-services (Maven) Apr 30, 2025
Duplicate Advisory: Keycloak vulnerable to two factor authentication bypass Moderate
GHSA-fx44-2wx5-5fvp was published for org.keycloak:keycloak-services (Maven) Apr 29, 2025 withdrawn
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160.... Moderate Unreviewed
CVE-2025-4015 was published Apr 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database