GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
321 advisories
The "serverConfig" endpoint, which returns the module configuration including credentials, is... | Moderate | Unreviewed | CVE-2025-30048 was published Aug 27, 2025
Mattermost Does Not Sanitize the Team Invite ID | Moderate | CVE-2025-47870 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
An issue was discovered in Cicool builder 3.4.4 allowing attackers to reset the administrator's... | Moderate | Unreviewed | CVE-2025-51543 was published Aug 19, 2025
An unauthenticated remote attacker can grant access without password protection to the affected... | Moderate | Unreviewed | CVE-2025-41689 was published Aug 19, 2025
An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 devices. Via port 7777 without any need... | Moderate | Unreviewed | CVE-2025-30126 was published Jul 28, 2025
Mattermost Missing Authentication for Critical Function | Moderate | CVE-2025-6226 was published for github.com/mattermost/mattermost-server (Go) Jul 18, 2025
A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version... | Moderate | Unreviewed | CVE-2025-52089 was published Jul 11, 2025
Missing Authentication for Critical Function vulnerability in Drupal Config Pages Viewer allows... | Moderate | Unreviewed | CVE-2025-7031 was published Jul 8, 2025
A flaw was found in the authentication enforcement mechanism of a model inference API in ai... | Moderate | Unreviewed | CVE-2025-6920 was published Jul 1, 2025
OpenBao allows cancellation of root rekey and recovery rekey operations without authentication | Moderate | CVE-2025-52894 was published for github.com/openbao/openbao (Go) Jun 26, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 17.2 before 17.11.5, 18... | Moderate | Unreviewed | CVE-2025-1754 was published Jun 26, 2025
An issue was discovered on COROS PACE 3 devices through 3.0808.0. The BLE implementation of the... | Moderate | Unreviewed | CVE-2025-32876 was published Jun 20, 2025
A vulnerability has been identified in Perfect Harmony GH180 (All versions >= V8.0 < V8.3.3 with... | Moderate | Unreviewed | CVE-2024-35295 was published Jun 11, 2025
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This... | Moderate | Unreviewed | CVE-2025-5906 was published Jun 10, 2025
The wallet has an authentication bypass vulnerability that allows access to specific pages. | Moderate | Unreviewed | CVE-2025-5719 was published Jun 6, 2025
The installer in SIGB PMB before 8.0.1.2 allows remote code execution. | Moderate | Unreviewed | CVE-2025-48742 was published May 27, 2025
The devices do not implement any authentication for the web interface or the MQTT server. An... | Moderate | Unreviewed | CVE-2025-27803 was published May 21, 2025
In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue... | Moderate | Unreviewed | CVE-2025-47850 was published May 20, 2025
Missing authentication for critical function issue exists in I-O DATA network attached hard disk ... | Moderate | Unreviewed | CVE-2025-32738 was published May 15, 2025
A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an... | Moderate | Unreviewed | CVE-2025-0132 was published May 14, 2025
CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections... | Moderate | Unreviewed | CVE-2025-44039 was published May 13, 2025
The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing... | Moderate | Unreviewed | CVE-2025-4560 was published May 12, 2025
A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based... | Moderate | Unreviewed | CVE-2025-4382 was published May 9, 2025
A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This... | Moderate | Unreviewed | CVE-2025-4268 was published May 5, 2025
IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive... | Moderate | Unreviewed | CVE-2025-1495 was published May 3, 2025