GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,353 advisories
A lack of rate limiting in the OTP verification component of Nagios Fusion v2024R1.2 and v2024R2...
High | Unreviewed | CVE-2025-60424 was published Oct 27, 2025

Captive Portal can allow authentication bypass
High | Unreviewed | CVE-2025-6979 was published Oct 23, 2025

Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This...
High | Unreviewed | CVE-2025-41110 was published Oct 22, 2025

The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6....
High | Unreviewed | CVE-2025-43281 was published Oct 15, 2025

The Keyy Two Factor Authentication (like Clef) plugin for WordPress is vulnerable to privilege...
High | Unreviewed | CVE-2025-10293 was published Oct 15, 2025

Improper authentication in Windows Remote Desktop Protocol allows an authorized attacker to...
High | Unreviewed | CVE-2025-55340 was published Oct 14, 2025

An authentication bypass security issue exists within FactoryTalk View Machine Edition Web...
High | Unreviewed | CVE-2025-9063 was published Oct 14, 2025

A path traversal security issue exists within FactoryTalk View Machine Edition, allowing...
High | Unreviewed | CVE-2025-9064 was published Oct 14, 2025

A vulnerability in Extreme Networks’ Fabric Engine (VOSS) before 9.3 was discovered. When SD-WAN...
High | Unreviewed | CVE-2025-11192 was published Oct 7, 2025

A weakness has been identified in iHongRen pptp-vpn 1.0/1.0.1 on macOS. This issue affects the...
High | Unreviewed | CVE-2025-11130 was published Sep 29, 2025

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS...
High | Unreviewed | CVE-2025-20160 was published Sep 24, 2025

A flaw has been found in Magnetism Studios Endurance up to 3.3.0 on macOS. This affects the...
High | Unreviewed | CVE-2025-10906 was published Sep 24, 2025

Creacast Creabox Manager contains a critical authentication flaw that allows an attacker to...
High | Unreviewed | CVE-2025-57434 was published Sep 22, 2025

A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affected element is an unknown...
High | Unreviewed | CVE-2025-10672 was published Sep 18, 2025

This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26...
High | Unreviewed | CVE-2025-31271 was published Sep 16, 2025

The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800_B10_ALK_SL_V01.01...
High | Unreviewed | CVE-2025-57278 was published Sep 9, 2025

SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who...
High | Unreviewed | CVE-2025-55234 was published Sep 9, 2025

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over...
High | Unreviewed | CVE-2025-54918 was published Sep 9, 2025

In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP...
High | Unreviewed | CVE-2025-26438 was published Sep 4, 2025

A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element...
High | Unreviewed | CVE-2025-9815 was published Sep 2, 2025

An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker...
High | Unreviewed | CVE-2024-50641 was published Aug 21, 2025

Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit...
High | Unreviewed | CVE-2024-57491 was published Aug 20, 2025

Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over...
High | Unreviewed | CVE-2025-53778 was published Aug 12, 2025

On April 18th 2025, Microsoft announced Exchange Server Security Changes for Hybrid Deployments...
High | Unreviewed | CVE-2025-53786 was published Aug 6, 2025

Unauthorized access and impersonation can occur in versions 4.6.2.3226 and below of Progress...
High | Unreviewed | CVE-2025-6505 was published Jul 29, 2025
ProTip! Advisories are also available from the GraphQL API.