Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,300
NuGet
760
pip
4,078
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,965 advisories

Loading
An issue in the OTP mechanism of Chavara Family Welfare Centre Chavara Matrimony Site v2.0 allows... Critical Unreviewed
CVE-2025-45777 was published Jul 25, 2025
Node-SAML SAML Authentication Bypass Critical
CVE-2025-54369 was published for @node-saml/node-saml (npm) Jul 25, 2025
ahacker1-securesaml cjbarth
Credited to ahacker1-securesaml and cjbarth
HCL IEM is affected by an improper invalidation of access or JWT token vulnerability.  A token... Low Unreviewed
CVE-2025-0249 was published Jul 25, 2025
A vulnerability in Imprivata Enterprise Access Management (formerly Imprivata OneSign) allows... High Unreviewed
CVE-2024-12310 was published Jul 23, 2025
Improper Authentication vulnerability in Samsung Electronics MagicINFO 9 Server allows... High Unreviewed
CVE-2025-54452 was published Jul 23, 2025
Alchemy Non-SMA and Webauthn Account Security Advisory High
GHSA-56r6-ccm5-8hg3 was published for @account-kit/smart-contracts (npm) Jul 21, 2025
carlos-cow
Credited to carlos-cow
Insufficient protection against brute-force and runtime manipulation in the local authentication... High Unreviewed
CVE-2025-41459 was published Jul 21, 2025
Due to insufficient verification, an attacker could use a malicious client to bypass... Critical Unreviewed
CVE-2024-6107 was published Jul 21, 2025
Improper limitation of a pathname to a restricted directory ('path traversal') in Microsoft... Moderate Unreviewed
CVE-2025-53771 was published Jul 21, 2025
A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as critical.... Moderate Unreviewed
CVE-2025-7897 was published Jul 20, 2025
A vulnerability classified as critical has been found in Metasoft 美特软件 MetaCRM up to 6.4.2. This... Moderate Unreviewed
CVE-2025-7875 was published Jul 20, 2025
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical.... Moderate Unreviewed
CVE-2025-7862 was published Jul 20, 2025
An authentication bypass and disclosure of information vulnerability exists in HPE AutoPass... High Unreviewed
CVE-2025-37106 was published Jul 16, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.18. High Unreviewed
CVE-2025-37107 was published Jul 16, 2025
An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows... High Unreviewed
CVE-2025-7699 was published Jul 16, 2025
Authentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of... Moderate Unreviewed
CVE-2025-7703 was published Jul 16, 2025
Directus' insufficient permission checks can enable unauthenticated users to manually trigger Flows Moderate
CVE-2025-53889 was published for directus (npm) Jul 15, 2025
licitdev
Credited to licitdev
An authentication bypass vulnerability in the /web/um_open_telnet.cgi endpoint in Nexxt Solutions... Critical Unreviewed
CVE-2025-52376 was published Jul 15, 2025
An authentication bypass vulnerability exists in HPE AutoPass License Server (APLS) prior to 9.17. High Unreviewed
CVE-2024-51767 was published Jul 14, 2025
A vulnerability, which was classified as critical, was found in LB-LINK BL-AC1900, BL-AC2100_AZ3,... High Unreviewed
CVE-2025-7574 was published Jul 14, 2025
An authentication issue was addressed with improved state management. This issue is fixed in App... Moderate Unreviewed
CVE-2025-31267 was published Jul 11, 2025
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP... High Unreviewed
CVE-2025-49812 was published Jul 10, 2025
Improper authentication in Microsoft Office SharePoint allows an authorized attacker to perform... Moderate Unreviewed
CVE-2025-49706 was published Jul 8, 2025
Cryptographic issue occurs due to use of insecure connection method while downloading. Critical Unreviewed
CVE-2025-21450 was published Jul 8, 2025
An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version... Moderate Unreviewed
CVE-2025-6044 was published Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database