GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,782
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,681
Maven 6,126
npm 4,309
NuGet 760
pip 4,083
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,435

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

198 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.3 before 18.4.5, 18... Moderate Unreviewed

CVE-2025-12653 was published Nov 26, 2025

The issue was addressed with improved checks. This issue is fixed in iOS 26.1 and iPadOS 26.1,... Moderate Unreviewed

CVE-2025-43493 was published Nov 4, 2025

An inconsistent user interface issue was addressed with improved state management. This issue is... Moderate Unreviewed

CVE-2025-43503 was published Nov 4, 2025

Authentication bypass by spoofing in Microsoft Configuration Manager allows an authorized... Moderate Unreviewed

CVE-2025-59501 was published Oct 31, 2025

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products... Moderate Unreviewed

CVE-2025-5605 was published Oct 24, 2025

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication... Moderate Unreviewed

CVE-2025-56800 was published Oct 21, 2025

This vulnerability affects Firefox < 143 and Thunderbird < 143. Moderate Unreviewed

CVE-2025-10530 was published Sep 16, 2025

One Identity by Quest Safeguard for Privileged Passwords Appliance 7.5.1.20903 is vulnerable to... Moderate Unreviewed

CVE-2025-56689 was published Sep 8, 2025

In multiple locations, there is a possible lock screen bypass due to a logic error in the code.... Moderate Unreviewed

CVE-2025-26421 was published Sep 4, 2025

The SourceCodester Android application "Corona Virus Tracker App India" 1.0 uses MD5 for digest... Moderate Unreviewed

CVE-2025-56608 was published Sep 3, 2025

An Authentication Bypass vulnerability in Blue Access' Cobalt X1 thru 02.000.187 allows an... Moderate Unreviewed

CVE-2025-50454 was published Aug 5, 2025

CSC Pay Mobile App 2.19.4 (fixed in version 2.20.0) contains a vulnerability allowing users to... Moderate Unreviewed

CVE-2025-46018 was published Aug 1, 2025

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed

CVE-2025-34065 was published Jul 1, 2025

An authentication bypass vulnerability exists in AVTECH IP camera, DVR, and NVR devices’ streamd... Moderate Unreviewed

CVE-2025-34053 was published Jul 1, 2025

The Versa Director SD-WAN orchestration platform implements Two-Factor Authentication (2FA) using... Moderate Unreviewed

CVE-2025-23168 was published Jun 19, 2025

Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a... Moderate Unreviewed

CVE-2025-5067 was published May 27, 2025

The HttpAuth plugin in pGina.Fork through 3.9.9.12 allows authentication bypass when an adversary... Moderate Unreviewed

CVE-2025-48027 was published May 15, 2025

Thunderbird's handling of the X-Mozilla-External-Attachment-URL header can be exploited to... Moderate Unreviewed

CVE-2025-3909 was published May 14, 2025

Dell Wyse Management Suite, versions prior to WMS 5.1 contain an Authentication Bypass by... Moderate Unreviewed

CVE-2025-27695 was published May 8, 2025

An app could impersonate system notifications. Sensitive notifications now require restricted... Moderate Unreviewed

CVE-2025-24091 was published Apr 30, 2025

In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system... Moderate Unreviewed

CVE-2023-5616 was published Apr 15, 2025

Authentication Bypass by Spoofing vulnerability in Asgaros Asgaros Forum allows Identity Spoofing... Moderate Unreviewed

CVE-2025-32227 was published Apr 10, 2025

Authentication Bypass by Spoofing vulnerability in Ays Pro Survey Maker allows Identity Spoofing.... Moderate Unreviewed

CVE-2025-32275 was published Apr 10, 2025

On IROAD X5 devices, a Bypass of Device Pairing can occur via MAC Address Spoofing. The dashcam's... Moderate Unreviewed

CVE-2025-30110 was published Mar 18, 2025

The Admin and Site Enhancements (ASE) WordPress plugin before 7.6.10 retrieves client IP... Moderate Unreviewed

CVE-2024-13685 was published Mar 4, 2025

Previous1…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

198 advisories