Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,768
Erlang
35
GitHub Actions
29
Go
2,332
Maven
5,000+
npm
3,965
NuGet
713
pip
3,748
Pub
12
RubyGems
921
Rust
975
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,805 advisories

Loading
pgjdbc Client Allows Fallback to Insecure Authentication Despite channelBinding=require Configuration High
CVE-2025-49146 was published for org.postgresql:postgresql (Maven) Jun 11, 2025
jawj
A vulnerability was found in code-projects School Fees Payment System 1.0 and classified as... Moderate Unreviewed
CVE-2025-5985 was published Jun 11, 2025
Erxes Incorrect Access Control vulnerability High
CVE-2024-57190 was published for erxes (npm) Jun 10, 2025
A vulnerability classified as critical has been found in code-projects Laundry System 1.0. This... Moderate Unreviewed
CVE-2025-5906 was published Jun 10, 2025
An issue in KeeperChat IOS Application v.5.8.8 allows a physically proximate attacker to escalate... Moderate Unreviewed
CVE-2025-29627 was published Jun 9, 2025
A vulnerability classified as problematic was found in Lucky LM-520-SC, LM-520-FSC and LM-520-FSC... Moderate Unreviewed
CVE-2025-5876 was published Jun 9, 2025
A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3. It has been classified as... Moderate Unreviewed
CVE-2025-5872 was published Jun 9, 2025
A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and classified as problematic.... Moderate Unreviewed
CVE-2025-5871 was published Jun 9, 2025
A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 and classified as critical.... Moderate Unreviewed
CVE-2025-5870 was published Jun 9, 2025
An improper authentication vulnerability has been reported to affect QHora. If an attacker gains... Moderate Unreviewed
CVE-2024-13088 was published Jun 6, 2025
Bypass vulnerability in the device management channel Impact: Successful exploitation of this... High Unreviewed
CVE-2025-48909 was published Jun 6, 2025
Improper Authentication vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows... Critical Unreviewed
CVE-2025-5597 was published Jun 4, 2025
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1... Moderate Unreviewed
CVE-2025-5512 was published Jun 3, 2025
Pekko Management may not properly apply authenticator when Basic Authentication enabled Moderate
CVE-2025-46548 was published for com.lightbend.akka.management:akka-management_2.12 (Maven) Jun 3, 2025
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical.... Moderate Unreviewed
CVE-2025-5495 was published Jun 3, 2025
An authentication bypass vulnerability exists in HPE StoreOnce Software. Critical Unreviewed
CVE-2025-37093 was published Jun 2, 2025
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected... Moderate Unreviewed
CVE-2025-5437 was published Jun 2, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2025-31264 was published May 30, 2025
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11... Moderate Unreviewed
CVE-2025-48746 was published May 28, 2025
A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This... Moderate Unreviewed
CVE-2025-5247 was published May 27, 2025
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-5149 was published May 25, 2025
An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed
CVE-2024-7487 was published May 22, 2025
An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass... Critical Unreviewed
CVE-2024-41195 was published May 22, 2025
An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41198 was published May 22, 2025
An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41197 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database