Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,485
Maven
5,000+
npm
4,104
NuGet
734
pip
3,918
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,146 advisories

Loading
The Quantenna Wi-Fi chips ship with an unauthenticated telnet interface by default. This is an... Critical Unreviewed
CVE-2025-3461 was published Jun 8, 2025
In the moPS App through 1.8.618, all users can access administrative API endpoints without... Critical Unreviewed
CVE-2024-55585 was published Jun 7, 2025
A missing authentication for critical function vulnerability in the client application of Soar... Critical Unreviewed
CVE-2025-5192 was published Jun 6, 2025
The wallet has an authentication bypass vulnerability that allows access to specific pages. Moderate Unreviewed
CVE-2025-5719 was published Jun 6, 2025
Instantel Micromate lacks authentication on a configuration port which could allow an attacker to... Critical Unreviewed
CVE-2025-1907 was published May 30, 2025
A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6... Critical Unreviewed
CVE-2025-22252 was published May 28, 2025
Due to missing authentication on a critical function of the devices an unauthenticated remote... Critical Unreviewed
CVE-2025-41651 was published May 27, 2025
Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows... Critical Unreviewed
CVE-2025-2407 was published May 27, 2025
The installer in SIGB PMB before 8.0.1.2 allows remote code execution. Moderate Unreviewed
CVE-2025-48742 was published May 27, 2025
Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to... Critical Unreviewed
CVE-2025-40664 was published May 26, 2025
An unauthenticated remote attacker can access a URL which causes the device to reboot. High Unreviewed
CVE-2025-41655 was published May 26, 2025
An unauthenticated remote attacker can access information about running processes via the SNMP... High Unreviewed
CVE-2025-41654 was published May 26, 2025
The embedded web server lacks authentication and access controls, allowing unrestricted remote... Critical Unreviewed
CVE-2025-36535 was published May 21, 2025
The devices do not implement any authentication for the web interface or the MQTT server. An... Moderate Unreviewed
CVE-2025-27803 was published May 21, 2025
In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing... High Unreviewed
CVE-2025-48391 was published May 20, 2025
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue... Moderate Unreviewed
CVE-2025-47850 was published May 20, 2025
Missing authentication for critical function issue exists in I-O DATA network attached hard disk ... Moderate Unreviewed
CVE-2025-32738 was published May 15, 2025
A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed
CVE-2025-0132 was published May 14, 2025
NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via... Critical Unreviewed
CVE-2024-46506 was published May 13, 2025
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections... Moderate Unreviewed
CVE-2025-44039 was published May 13, 2025
A vulnerability has been identified in Desigo CC (All versions if access from Installed Clients... High Unreviewed
CVE-2024-23815 was published May 13, 2025
The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing... Moderate Unreviewed
CVE-2025-4560 was published May 12, 2025
The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing... Critical Unreviewed
CVE-2025-4555 was published May 12, 2025
The specific APIs of Parking Management System from ZONG YU has a Missing Authentication... Critical Unreviewed
CVE-2025-4557 was published May 12, 2025
A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based... Moderate Unreviewed
CVE-2025-4382 was published May 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database