Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,337
Maven
5,000+
npm
3,971
NuGet
713
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,810 advisories

Loading
Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion... Low Unreviewed
CVE-2024-38822 was published Jun 13, 2025
Permission vulnerability in the mobile application (com.afmobi.boomplayer) may lead to the risk... Critical Unreviewed
CVE-2025-6172 was published Jun 16, 2025
In ExtremeCloud Universal ZTNA, a syntax error in the 'searchKeyword' condition caused queries to... Moderate Unreviewed
CVE-2025-6083 was published Jun 13, 2025
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This... Moderate Unreviewed
CVE-2025-5906 was published Jun 10, 2025
Salt has minion event bus authorization bypass vulnerability High
CVE-2025-22236 was published for salt (pip) Jun 13, 2025
Salt's salt.auth.pki module does not properly authenticate callers Moderate
CVE-2024-38825 was published for salt (pip) Jun 13, 2025
Authorization vulnerability in the BootLoader module. Successful exploitation of this... High Unreviewed
CVE-2023-52111 was published Jan 16, 2024
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration High
CVE-2025-49146 was published for org.postgresql:postgresql (Maven) Jun 11, 2025
jawj
A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as... Moderate Unreviewed
CVE-2025-5985 was published Jun 11, 2025
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... High Unreviewed
CVE-2023-51761 was published Feb 9, 2024
Erxes Incorrect Access Control vulnerability High
CVE-2024-57190 was published for erxes (npm) Jun 10, 2025
A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon... Critical Unreviewed
CVE-2020-7533 was published May 24, 2022
An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate... Moderate Unreviewed
CVE-2025-29627 was published Jun 9, 2025
A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as... Moderate Unreviewed
CVE-2025-5872 was published Jun 9, 2025
A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC... Moderate Unreviewed
CVE-2025-5876 was published Jun 9, 2025
A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-5871 was published Jun 9, 2025
A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical.... Moderate Unreviewed
CVE-2025-5870 was published Jun 9, 2025
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains... Moderate Unreviewed
CVE-2024-13088 was published Jun 6, 2025
Pekko Management may not properly apply authenticator when Basic Authentication enabled Moderate
CVE-2025-46548 was published for com.lightbend.akka.management:akka-management_2.12 (Maven) Jun 3, 2025
Bypass vulnerability in the device management channel Impact: Successful exploitation of this... High Unreviewed
CVE-2025-48909 was published Jun 6, 2025
An elevation of privilege vulnerability exists when Visual Studio improperly handles pipeline job... Critical Unreviewed
CVE-2025-29813 was published May 9, 2025
In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior,... Low Unreviewed
CVE-2020-14477 was published May 24, 2022
Philips SureSigns VS4, A.07.107 and prior. When an actor claims to have a given identity, the... Moderate Unreviewed
CVE-2020-16239 was published May 24, 2022
Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows... Critical Unreviewed
CVE-2025-5597 was published Jun 4, 2025
The component controlla_login function in HotelDruid Hotel Management Software v3.0.3 generates a... Critical Unreviewed
CVE-2021-42949 was published Sep 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database