GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,140 advisories
Instantel Micromate lacks authentication on a configuration port which could allow an attacker to...
Critical | Unreviewed | CVE-2025-1907 was published May 30, 2025

A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6...
Critical | Unreviewed | CVE-2025-22252 was published May 28, 2025

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows...
Critical | Unreviewed | CVE-2025-2407 was published May 27, 2025

Due to missing authentication on a critical function of the devices an unauthenticated remote...
Critical | Unreviewed | CVE-2025-41651 was published May 27, 2025

The installer in SIGB PMB before 8.0.1.2 allows remote code execution.
Moderate | Unreviewed | CVE-2025-48742 was published May 27, 2025

Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2025-40664 was published May 26, 2025

An unauthenticated remote attacker can access a URL which causes the device to reboot.
High | Unreviewed | CVE-2025-41655 was published May 26, 2025

The embedded web server lacks authentication and access controls, allowing unrestricted remote...
Critical | Unreviewed | CVE-2025-36535 was published May 21, 2025

The devices do not implement any authentication for the web interface or the MQTT server. An...
Moderate | Unreviewed | CVE-2025-27803 was published May 21, 2025

In JetBrains YouTrack before 2025.1.74704 restricted attachments could become visible after issue...
Moderate | Unreviewed | CVE-2025-47850 was published May 20, 2025

In JetBrains YouTrack before 2025.1.76253 deletion of issues was possible due to missing...
High | Unreviewed | CVE-2025-48391 was published May 20, 2025

Missing authentication for critical function issue exists in I-O DATA network attached hard disk ...
Moderate | Unreviewed | CVE-2025-32738 was published May 15, 2025

A missing authentication vulnerability in Palo Alto Networks Cortex XDR® Broker VM allows an...
Moderate | Unreviewed | CVE-2025-0132 was published May 14, 2025

NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection via...
Critical | Unreviewed | CVE-2024-46506 was published May 13, 2025

CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain insecure protections...
Moderate | Unreviewed | CVE-2025-44039 was published May 13, 2025

A vulnerability has been identified in Desigo CC (All versions if access from Installed Clients...
High | Unreviewed | CVE-2024-23815 was published May 13, 2025

The ISOinsight from Netvision has a Missing Authentication vulnerability, allowing...
Moderate | Unreviewed | CVE-2025-4560 was published May 12, 2025

The web management interface of Okcat Parking Management Platform from ZONG YU has a Missing...
Critical | Unreviewed | CVE-2025-4555 was published May 12, 2025

The specific APIs of Parking Management System from ZONG YU has a Missing Authentication...
Critical | Unreviewed | CVE-2025-4557 was published May 12, 2025

A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based...
Moderate | Unreviewed | CVE-2025-4382 was published May 9, 2025

WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to...
High | Unreviewed | CVE-2025-3758 was published May 8, 2025

Endpoint /cgi-bin-igd/netcore_set.cgi which is used for changing device configuration is...
High | Unreviewed | CVE-2025-3759 was published May 8, 2025

A vulnerability in the management API of Cisco Catalyst Center, formerly Cisco DNA Center, could...
High | Unreviewed | CVE-2025-20210 was published May 7, 2025

A vulnerability has been found in TOTOLINK A720R 4.1.5cu.374 and classified as critical. This...
Moderate | Unreviewed | CVE-2025-4268 was published May 5, 2025

IBM Business Automation Workflow 24.0.0 and 24.0.1 through 24.0.1 IF001 Center may leak sensitive...
Moderate | Unreviewed | CVE-2025-1495 was published May 3, 2025