Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,810 advisories

Loading
Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This issue affects Danfoss AK-SM... High Unreviewed
CVE-2025-41450 was published May 8, 2025
Passport-wsfed-saml2 allows SAML Authentication Bypass via Attribute Smuggling High
CVE-2025-46573 was published for passport-wsfed-saml2 (npm) May 6, 2025
kevinroh-okta
Passport-wsfed-saml2 allows SAML Authentication Bypass via Signature Wrapping Critical
CVE-2025-46572 was published for passport-wsfed-saml2 (npm) May 6, 2025
Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contain(s) an Improper... High Unreviewed
CVE-2025-22477 was published May 6, 2025
Bypass vulnerability in the network search instruction authentication module Impact: Successful... Moderate Unreviewed
CVE-2025-46590 was published May 6, 2025
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local... High Unreviewed
CVE-2025-0217 was published May 5, 2025
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... Moderate Unreviewed
CVE-2025-4268 was published May 5, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46631 was published May 2, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46630 was published May 2, 2025
@cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate
CVE-2025-4144 was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025
Duplicate Advisory: @cloudflare/workers-oauth-provider PKCE bypass via downgrade attack Moderate
GHSA-vh4h-fvqf-q9wv was published for @cloudflare/workers-oauth-provider (npm) May 1, 2025 withdrawn
Keycloak vulnerable to two factor authentication bypass Moderate
CVE-2025-3910 was published for org.keycloak:keycloak-services (Maven) Apr 30, 2025
Duplicate Advisory: Keycloak vulnerable to two factor authentication bypass Moderate
GHSA-fx44-2wx5-5fvp was published for org.keycloak:keycloak-services (Maven) Apr 29, 2025 withdrawn
YesWiki Vulnerable to Unauthenticated Site Backup Creation and Download Critical
CVE-2025-46348 was published for yeswiki/yeswiki (Composer) Apr 29, 2025
pizza-power
A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160.... Moderate Unreviewed
CVE-2025-4015 was published Apr 28, 2025
A vulnerability, which was classified as critical, was found in 20120630 Novel-Plus up to... Moderate Unreviewed
CVE-2025-4019 was published Apr 28, 2025
A vulnerability, which was classified as critical, has been found in 20120630 Novel-Plus up to... Moderate Unreviewed
CVE-2025-4018 was published Apr 28, 2025
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code... High Unreviewed
CVE-2025-3935 was published Apr 25, 2025
Moodle self enrollment available before completing second factor with MFA enabled Moderate
CVE-2025-3634 was published for moodle/moodle (Composer) Apr 25, 2025
Moodle makes some user data available before completing second factor with MFA enabled Moderate
CVE-2025-3627 was published for moodle/moodle (Composer) Apr 25, 2025
The JobSearch WP Job Board plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed
CVE-2024-11917 was published Apr 25, 2025
BEC Technologies Multiple Routers Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2025-2771 was published Apr 23, 2025
An issue in Student Study Center Desk Management System v1.0 allows attackers to bypass... Critical Unreviewed
CVE-2023-44752 was published Apr 22, 2025
A vulnerability, which was classified as problematic, has been found in YXJ2018 SpringBoot-Vue... Moderate Unreviewed
CVE-2025-3850 was published Apr 22, 2025
Vulnerability in Hewlett Packard Enterprise HPE Performance Cluster Manager (HPCM).This issue... High Unreviewed
CVE-2025-27086 was published Apr 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database