GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,658
Composer 4,465
Erlang 33
GitHub Actions 22
Go 2,166
Maven 5,398
npm 3,826
NuGet 696
pip 3,503
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,699

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,046 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.8),... Moderate Unreviewed

CVE-2024-52285 was published Mar 11, 2025

SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular... Moderate Unreviewed

CVE-2025-23194 was published Mar 11, 2025

Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup... High Unreviewed

CVE-2025-27256 was published Mar 10, 2025

The School Management System for Wordpress plugin for WordPress is vulnerable to privilege... High Unreviewed

CVE-2024-9658 was published Mar 7, 2025

The InWave Jobs plugin for WordPress is vulnerable to privilege escalation via password reset in... Critical Unreviewed

CVE-2025-1315 was published Mar 7, 2025

Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control. A regular... High Unreviewed

CVE-2024-31525 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application 20.0.2368... Critical Unreviewed

CVE-2025-27642 was published Mar 5, 2025

Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application 20.0.2253... Critical Unreviewed

CVE-2025-27647 was published Mar 5, 2025

Certain functionality within GMOD Apollo does not require authentication when passed with an... Critical Unreviewed

CVE-2025-24924 was published Mar 5, 2025

The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed

CVE-2025-1717 was published Feb 27, 2025

Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to... High Unreviewed

CVE-2025-21355 was published Feb 20, 2025

Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow... Moderate Unreviewed

CVE-2024-57055 was published Feb 18, 2025

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... Moderate Unreviewed

CVE-2025-25224 was published Feb 18, 2025

An issue in the Arcadyan Livebox Fibra PRV3399B_B_LT allows a remote or local attacker to modify... Moderate Unreviewed

CVE-2024-57725 was published Feb 14, 2025

The administrative web interface of mySCADA myPRO Manager can be accessed without... Critical Unreviewed

CVE-2025-24865 was published Feb 14, 2025

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote... Critical Unreviewed

CVE-2025-0896 was published Feb 13, 2025

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated... High Unreviewed

CVE-2025-0108 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26362 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26366 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26365 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed

CVE-2025-26359 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in... Moderate Unreviewed

CVE-2025-26360 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26363 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26364 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... Critical Unreviewed

CVE-2025-26361 was published Feb 12, 2025

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,046 advisories