Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,778
Erlang
36
GitHub Actions
29
Go
2,336
Maven
5,000+
npm
3,969
NuGet
713
pip
3,767
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

377 advisories

Loading
matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator Moderate
CVE-2025-48937 was published for matrix-sdk-crypto (Rust) Jun 10, 2025
dkasak richvdh
Authentication bypass vulnerability in the DSoftBus module Impact: Successful exploitation of... High Unreviewed
CVE-2025-48906 was published Jun 6, 2025
An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses... Critical Unreviewed
CVE-2023-41591 was published May 29, 2025
Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed
CVE-2025-5067 was published May 27, 2025
Babylon Finality Provider `MsgCommitPubRandList` replay attack High
GHSA-7mm3-vfg8-7rg6 was published for github.com/babylonlabs-io/babylon (Go) May 15, 2025
The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed
CVE-2025-48027 was published May 15, 2025
Thunderbird parses addresses in a way that can allow sender spoofing in case the server allows an... High Unreviewed
CVE-2025-3875 was published May 14, 2025
Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed
CVE-2025-3909 was published May 14, 2025
Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed
CVE-2025-27695 was published May 8, 2025
Passport-wsfed-saml2 allows SAML Authentication Bypass via Attribute Smuggling High
CVE-2025-46573 was published for passport-wsfed-saml2 (npm) May 6, 2025
kevinroh-okta
An app could impersonate system notifications. Sensitive notifications now require restricted... Moderate Unreviewed
CVE-2025-24091 was published Apr 30, 2025
An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP... High Unreviewed
CVE-2025-28128 was published Apr 25, 2025
Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in... High Unreviewed
CVE-2025-29621 was published Apr 22, 2025
OctoPrint Authenticated Reverse Proxy Page Authentication Bypass Moderate
CVE-2025-32788 was published for octoprint (pip) Apr 22, 2025
jacopotediosi
There is a whitelist mechanism bypass in GameCenter ,successful exploitation of this... High Unreviewed
CVE-2025-2188 was published Apr 17, 2025
In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system... Moderate Unreviewed
CVE-2023-5616 was published Apr 15, 2025
Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing... Moderate Unreviewed
CVE-2025-32227 was published Apr 10, 2025
Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing.... Moderate Unreviewed
CVE-2025-32275 was published Apr 10, 2025
An issue in TOTVS Framework (Linha Protheus) 12.1.2310 allows attackers to bypass multi-factor... Critical Unreviewed
CVE-2024-55210 was published Apr 9, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2025-31170 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58124 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58126 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58125 was published Apr 7, 2025
Access control vulnerability in the security verification module Impact: Successful exploitation... High Unreviewed
CVE-2024-58127 was published Apr 7, 2025
A crafted URL containing specific Unicode characters could have hidden the true origin of the... High Unreviewed
CVE-2025-3029 was published Apr 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database