GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
391 advisories
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due...
High | Unreviewed | CVE-2025-3319 was published Jun 20, 2025

A web application for configuring the controller is accessible at a specific path. It contains an...
High | Unreviewed | CVE-2025-25265 was published Jun 16, 2025

The Archify application contains a local privilege escalation vulnerability due to insufficient...
High | Unreviewed | CVE-2024-9062 was published Jun 11, 2025

CyberData 011209 Intercom exposes features that could allow an unauthenticated to gain ...
High | Unreviewed | CVE-2025-26468 was published Jun 10, 2025

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses...
High | Unreviewed | CVE-2022-34908 was published Feb 27, 2023

An unauthenticated remote attacker can access a URL which causes the device to reboot.
High | Unreviewed | CVE-2025-41655 was published May 26, 2025

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2024-7628 was published Aug 15, 2024

In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing...
High | Unreviewed | CVE-2025-48391 was published May 20, 2025

A vulnerability has been identified in Desigo CC (All versions if access from Installed Clients...
High | Unreviewed | CVE-2024-23815 was published May 13, 2025

Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system...
High | Unreviewed | CVE-2020-23648 was published Oct 19, 2022

WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to...
High | Unreviewed | CVE-2025-3758 was published May 8, 2025

Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is...
High | Unreviewed | CVE-2025-3759 was published May 8, 2025

A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could...
High | Unreviewed | CVE-2025-20210 was published May 7, 2025

BKG Professional NtripCaster 2.0.39 allows querying information over the UDP protocol without...
High | Unreviewed | CVE-2022-42982 was published Nov 17, 2022

An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229...
High | Unreviewed | CVE-2022-44784 was published Nov 22, 2022

The /device/acceptBind end-point for Ourphoto App version 1.4.1 does not require authentication...
High | Unreviewed | CVE-2022-24190 was published Nov 29, 2022

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller...
High | Unreviewed | CVE-2024-32752 was published Jun 6, 2024

An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0...
High | Unreviewed | CVE-2022-45504 was published Dec 8, 2022

An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4...
High | Unreviewed | CVE-2022-45498 was published Dec 8, 2022

The Tatsu WordPress plugin before 3.3.12 add_custom_font action can be used without prior...
High | Unreviewed | CVE-2021-25094 was published Apr 26, 2022

A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that...
High | Unreviewed | CVE-2017-6873 was published May 13, 2022

Some Dahua software products have a vulnerability of unauthenticated request of MQTT credentials....
High | Unreviewed | CVE-2022-45423 was published Dec 27, 2022

An authentication issue was addressed with improved state management. This issue is fixed in...
High | Unreviewed | CVE-2023-40393 was published Jan 11, 2024

Missing authentication for critical function vulnerability exists in Wi-Fi AP UNIT 'AC-WPS-11ac...
High | Unreviewed | CVE-2025-29870 was published Apr 9, 2025

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
High | Unreviewed | CVE-2024-41793 was published Apr 8, 2025
ProTip! Advisories are also available from the GraphQL API.