Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,850
Erlang
36
GitHub Actions
34
Go
2,480
Maven
5,000+
npm
4,097
NuGet
734
pip
3,910
Pub
12
RubyGems
945
Rust
1,014
Swift
39
Unreviewed advisories
All unreviewed
5,000+

450 advisories

Loading
The system exposes several endpoints, typically including "/int/" in their path, that should be... High Unreviewed
CVE-2025-30037 was published Aug 27, 2025
The TP-Link KP303 Smartplug can be issued unauthenticated protocol commands that may cause... High Unreviewed
CVE-2025-8627 was published Aug 26, 2025
Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows... High Unreviewed
CVE-2025-8450 was published Aug 19, 2025
A security issue exists within the 5032 16pt Digital Configurable module’s web server.... High Unreviewed
CVE-2025-7774 was published Aug 14, 2025
Missing Authentication for Critical Function vulnerability in ABB ABB AbilityTM zenon.This issue... High Unreviewed
CVE-2025-8754 was published Aug 13, 2025
Missing authentication for critical function in Windows StateRepository API allows an authorized... High Unreviewed
CVE-2025-53789 was published Aug 12, 2025
A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their... High Unreviewed
CVE-2025-41686 was published Aug 12, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed
CVE-2025-7679 was published Aug 11, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed
CVE-2025-53191 was published Aug 11, 2025
Mattermost Confluence Plugin is Missing Authentication for Critical Function High
CVE-2025-54478 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect.This issue affects... High Unreviewed
CVE-2025-7677 was published Aug 11, 2025
Mattermost Confluence Plugin is Missing Authentication for Critical Function High
CVE-2025-44004 was published for github.com/mattermost/mattermost-plugin-confluence (Go) Aug 11, 2025
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access... High Unreviewed
CVE-2025-20700 was published Aug 4, 2025
In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol.... High Unreviewed
CVE-2025-20702 was published Aug 4, 2025
Insufficient input validation within GitLab Language Server 7.6.0 and later before 7.30.0 allows... High Unreviewed
CVE-2025-8279 was published Jul 28, 2025
A client-side remote code execution vulnerability exists in Samsung Security Manager versions 1... High Unreviewed
CVE-2016-15046 was published Jul 25, 2025
An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The... High Unreviewed
CVE-2013-10032 was published Jul 25, 2025
DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user... High Unreviewed
CVE-2025-48733 was published Jul 23, 2025
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by... High Unreviewed
CVE-2025-34119 was published Jul 16, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2025-30762 was published Jul 15, 2025
A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services ... High Unreviewed
CVE-2025-53378 was published Jul 10, 2025
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows... High Unreviewed
CVE-2025-48814 was published Jul 8, 2025
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an... High Unreviewed
CVE-2025-25268 was published Jul 8, 2025
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a... High Unreviewed
CVE-2024-8419 was published Jun 30, 2025
Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure... High Unreviewed
CVE-2025-6678 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database