Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,781
Erlang
36
GitHub Actions
29
Go
2,345
Maven
5,000+
npm
3,976
NuGet
719
pip
3,772
Pub
12
RubyGems
923
Rust
980
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

282 advisories

Loading
A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with... Moderate Unreviewed
CVE-2024-35295 was published Jun 11, 2025
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This... Moderate Unreviewed
CVE-2025-5906 was published Jun 10, 2025
The wallet has an authentication bypass vulnerability that allows access to specific pages. Moderate Unreviewed
CVE-2025-5719 was published Jun 6, 2025
The installer in SIGB PMB before 8.0.1.2 allows remote code execution. Moderate Unreviewed
CVE-2025-48742 was published May 27, 2025
The devices do not implement any authentication for the web interface or the MQTT server. An... Moderate Unreviewed
CVE-2025-27803 was published May 21, 2025
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue... Moderate Unreviewed
CVE-2025-47850 was published May 20, 2025
Missing authentication for critical function issue exists in I-O DATA network attached hard disk ... Moderate Unreviewed
CVE-2025-32738 was published May 15, 2025
A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed
CVE-2025-0132 was published May 14, 2025
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections... Moderate Unreviewed
CVE-2025-44039 was published May 13, 2025
The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing... Moderate Unreviewed
CVE-2025-4560 was published May 12, 2025
A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based... Moderate Unreviewed
CVE-2025-4382 was published May 9, 2025
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... Moderate Unreviewed
CVE-2025-4268 was published May 5, 2025
IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive... Moderate Unreviewed
CVE-2025-1495 was published May 3, 2025
An access issue was addressed with improved access restrictions. This issue is fixed in macOS... Moderate Unreviewed
CVE-2025-24271 was published Apr 29, 2025
Missing Authentication for Critical Function vulnerability in Drupal Panels allows Exploiting... Moderate Unreviewed
CVE-2025-3474 was published Apr 9, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web... Moderate Unreviewed
CVE-2024-41791 was published Apr 8, 2025
In Zammad 6.4.x before 6.4.2, an authenticated agent with knowledge base permissions was able to... Moderate Unreviewed
CVE-2025-32357 was published Apr 5, 2025
HCL DevOps Deploy / HCL Launch could allow unauthorized access to other services or potential... Moderate Unreviewed
CVE-2025-0257 was published Apr 3, 2025
IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through 7.2.3.15, and 7.3 through 7.3.2.10 /... Moderate Unreviewed
CVE-2024-56469 was published Mar 27, 2025
A unauthorized access vulnerability exists in the Xiaomi phone framework. The vulnerability is... Moderate Unreviewed
CVE-2024-45355 was published Mar 27, 2025
HCL DevOps Deploy / HCL Launch could allow an authenticated user to obtain sensitive information... Moderate Unreviewed
CVE-2025-0256 was published Mar 24, 2025
The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2024-13772 was published Mar 14, 2025
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8),... Moderate Unreviewed
CVE-2024-52285 was published Mar 11, 2025
SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular... Moderate Unreviewed
CVE-2025-23194 was published Mar 11, 2025
Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow... Moderate Unreviewed
CVE-2024-57055 was published Feb 18, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database