GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,755
Composer 4,856
Erlang 36
GitHub Actions 36
Go 2,488
Maven 5,911
npm 4,104
NuGet 735
pip 3,923
Pub 12
RubyGems 945
Rust 1,017
Swift 39

Unreviewed advisories

All unreviewed 268,387

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,149 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In mintplex-labs/anything-llm v1.5.11 desktop version for Windows, the application opens server... Critical Unreviewed

CVE-2024-8196 was published Mar 20, 2025

Missing authentication for critical function vulnerability in the webapi component in Synology... High Unreviewed

CVE-2024-50630 was published Mar 19, 2025

On IROAD v9 devices, one can Remotely Dump Video Footage and the Live Video Stream. The dashcam... High Unreviewed

CVE-2025-30111 was published Mar 18, 2025

An unauthenticated remote attacker can gain access to the cloud API due to a lack of... Critical Unreviewed

CVE-2024-23943 was published Mar 18, 2025

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Critical Unreviewed

CVE-2024-13771 was published Mar 14, 2025

The Civi - Job Board & Freelance Marketplace WordPress Theme plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2024-13772 was published Mar 14, 2025

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8),... Moderate Unreviewed

CVE-2024-52285 was published Mar 11, 2025

SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular... Moderate Unreviewed

CVE-2025-23194 was published Mar 11, 2025

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup... High Unreviewed

CVE-2025-27256 was published Mar 10, 2025

The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in... Critical Unreviewed

CVE-2025-1315 was published Mar 7, 2025

The School Management System for Wordpress plugin for WordPress is vulnerable to privilege... High Unreviewed

CVE-2024-9658 was published Mar 7, 2025

Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular... High Unreviewed

CVE-2024-31525 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed

CVE-2025-27642 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed

CVE-2025-27647 was published Mar 5, 2025

Certain functionality within GMOD Apollo does not require authentication when passed with an... Critical Unreviewed

CVE-2025-24924 was published Mar 5, 2025

The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed

CVE-2025-1717 was published Feb 27, 2025

Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to... High Unreviewed

CVE-2025-21355 was published Feb 20, 2025

Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow... Moderate Unreviewed

CVE-2024-57055 was published Feb 18, 2025

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... Moderate Unreviewed

CVE-2025-25224 was published Feb 18, 2025

An issue in the Arcadyan Livebox Fibra PRV3399B_B_LT allows a remote or local attacker to modify... Moderate Unreviewed

CVE-2024-57725 was published Feb 14, 2025

The administrative web interface of mySCADA myPRO Manager can be accessed without... Critical Unreviewed

CVE-2025-24865 was published Feb 14, 2025

The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login... Critical Unreviewed

CVE-2025-1283 was published Feb 14, 2025

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote... Critical Unreviewed

CVE-2025-0896 was published Feb 13, 2025

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated... High Unreviewed

CVE-2025-0108 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26362 was published Feb 12, 2025

Previous 1…6…46 Next

Previous 1 2 3 4 5 6 7 8 … 45 46 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,149 advisories