GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,920
Composer 5,068
Erlang 39
GitHub Actions 38
Go 2,722
Maven 6,143
npm 4,329
NuGet 762
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 279,212

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

45 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An attacker could take over a Looker account in a Looker instance configured with OIDC... Critical Unreviewed

CVE-2025-12414 was published Nov 20, 2025

Authentication Bypass by Spoofing vulnerability in Saad Iqbal All In One Login change-wp-admin... Critical Unreviewed

CVE-2025-58595 was published Nov 6, 2025

Official Document Management System developed by 2100 Technology has an Authentication Bypass... Critical Unreviewed

CVE-2025-8853 was published Aug 11, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Critical Unreviewed

CVE-2025-36594 was published Aug 4, 2025

A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in... Critical Unreviewed

CVE-2025-43245 was published Jul 30, 2025

A cryptographic authentication bypass vulnerability exists in OneLogin AD Connector prior to 6.1... Critical Unreviewed

CVE-2025-34063 was published Jul 1, 2025

An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses... Critical Unreviewed

CVE-2023-41591 was published May 29, 2025

An issue in TOTVS Framework (Linha Protheus) 12.1.2310 allows attackers to bypass multi-factor... Critical Unreviewed

CVE-2024-55210 was published Apr 9, 2025

AMI’s SPx contains a vulnerability in the BMC where an Attacker may bypass authentication... Critical Unreviewed

CVE-2024-54085 was published Mar 11, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed

CVE-2025-27671 was published Mar 5, 2025

Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of... Critical Unreviewed

CVE-2025-1298 was published Feb 14, 2025

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and... Critical Unreviewed

CVE-2022-3180 was published Feb 12, 2025

Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to... Critical Unreviewed

CVE-2025-21415 was published Jan 30, 2025

The Electronic Official Document Management System from 2100 Technology has an Authentication... Critical Unreviewed

CVE-2024-13061 was published Dec 31, 2024

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp... Critical Unreviewed

CVE-2024-12108 was published Dec 31, 2024

An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is... Critical Unreviewed

CVE-2024-54450 was published Dec 27, 2024

An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7... Critical Unreviewed

CVE-2024-6678 was published Sep 12, 2024

Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry... Critical Unreviewed

CVE-2024-37082 was published Jul 3, 2024

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Critical Unreviewed

CVE-2024-29006 was published Apr 4, 2024

The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15... Critical Unreviewed

CVE-2024-23674 was published Feb 16, 2024

A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and... Critical Unreviewed

CVE-2023-51350 was published Jan 12, 2024

Windows Kerberos Security Feature Bypass Vulnerability Critical Unreviewed

CVE-2024-20674 was published Jan 9, 2024

Vulnerability of identity verification being bypassed in the face unlock module. Successful... Critical Unreviewed

CVE-2023-5801 was published Nov 8, 2023

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication... Critical Unreviewed

CVE-2023-30803 was published Oct 10, 2023

Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows... Critical Unreviewed

CVE-2023-4178 was published Sep 5, 2023

Previous12 Next

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

45 advisories