GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,699
Composer 4,850
Erlang 36
GitHub Actions 34
Go 2,480
Maven 5,894
npm 4,097
NuGet 734
pip 3,910
Pub 12
RubyGems 945
Rust 1,014
Swift 39

Unreviewed advisories

All unreviewed 267,609

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,231 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed

CVE-2025-7679 was published Aug 11, 2025

Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed

CVE-2025-7677 was published Aug 11, 2025

Mattermost Confluence Plugin is Missing Authentication for Critical Function High

CVE-2025-44004 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025

Mattermost Confluence Plugin is Missing Authentication for Critical Function High

CVE-2025-54478 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025

A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their... High Unreviewed

CVE-2025-41686 was published Aug 12, 2025

Missing authentication for critical function in Windows StateRepository API allows an authorized... High Unreviewed

CVE-2025-53789 was published Aug 12, 2025

OpenBao allows cancellation of root rekey and recovery rekey operations without authentication Moderate

CVE-2025-52894 was published for github.com/openbao/openbao (Go) Jun 26, 2025

Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue... High Unreviewed

CVE-2025-8754 was published Aug 13, 2025

A security issue exists within the 5032 16pt Digital Configurable module’s web server.... High Unreviewed

CVE-2025-7774 was published Aug 14, 2025

KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthenticated access control... Critical Unreviewed

CVE-2025-43983 was published Aug 14, 2025

Flowise OS command remote code execution Critical

CVE-2025-8943 was published for flowise (npm) Aug 14, 2025

An unauthenticated remote attacker can grant access without password protection to the affected... Moderate Unreviewed

CVE-2025-41689 was published Aug 19, 2025

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed

CVE-2025-8610 was published Aug 20, 2025

AOMEI Cyber Backup Missing Authentication for Critical Function Remote Code Execution... Critical Unreviewed

CVE-2025-8611 was published Aug 20, 2025

An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's... Moderate Unreviewed

CVE-2025-51543 was published Aug 19, 2025

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro... Critical Unreviewed

CVE-2025-27214 was published Aug 21, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Authenticator... Critical Unreviewed

CVE-2025-8995 was published Aug 15, 2025

WebITR developed by Uniong has a Missing Authentication vulnerability, allowing unauthenticated... Critical Unreviewed

CVE-2025-9254 was published Aug 22, 2025

An unauthenticated remote attacker can access information about running processes via the SNMP... High Unreviewed

CVE-2025-41654 was published May 26, 2025

An authentication bypass vulnerability exists which allows an unauthenticated attacker to control... Critical Unreviewed

CVE-2025-53118 was published Aug 26, 2025

The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause... High Unreviewed

CVE-2025-8627 was published Aug 26, 2025

The system exposes several endpoints, typically including "/int/" in their path, that should be... High Unreviewed

CVE-2025-30037 was published Aug 27, 2025

The paths "/cgi-bin/CliniNET.prd/utils/userlogstat.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat... Critical Unreviewed

CVE-2025-30041 was published Aug 27, 2025

Unauthenticated access to the "/cgi-bin/CliniNET.prd/GetActiveSessions.pl" endpoint allows... Critical Unreviewed

CVE-2025-30039 was published Aug 27, 2025

The "serverConfig" endpoint, which returns the module configuration including credentials, is... Moderate Unreviewed

CVE-2025-30048 was published Aug 27, 2025

Previous 1…4950 Next

Previous 1 2 … 46 47 48 49 50 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,231 advisories