Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,353 advisories

Loading
On Zyxel NBG2105 V1.00(AAGU.2)C0 devices, setting the login cookie to 1 provides administrator... High Unreviewed
CVE-2021-3297 was published May 24, 2022
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)... High Unreviewed
CVE-2023-52161 was published Feb 22, 2024
In some mod_ssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP... High Unreviewed
CVE-2025-49812 was published Jul 10, 2025
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate... High Unreviewed
CVE-2023-45866 was published Dec 8, 2023
Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an... High Unreviewed
CVE-2022-4874 was published Jan 11, 2023
Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without... High Unreviewed
CVE-2020-26557 was published May 24, 2022
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker... High Unreviewed
CVE-2020-4427 was published May 24, 2022
Improper Authentication vulnerability in Wikimedia Foundation Mediawiki - CentralAuth Extension... High Unreviewed
CVE-2025-6926 was published Jul 3, 2025
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local... High Unreviewed
CVE-2025-0217 was published May 5, 2025
This issue was addressed through improved state management. This issue is fixed in macOS Tahoe 26... High Unreviewed
CVE-2025-31271 was published Sep 16, 2025
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local... High Unreviewed
CVE-2023-23632 was published Oct 12, 2023
A vulnerability was found in the 389 Directory Server that allows expired passwords to access the... High Unreviewed
CVE-2022-0996 was published Mar 24, 2022
Encrypted WiFi and SSH credentials were found in the Ghost Robotics Vision 60 v0.27.2 APK. This... High Unreviewed
CVE-2025-41110 was published Oct 22, 2025
An authentication bypass security issue exists within FactoryTalk View Machine Edition Web... High Unreviewed
CVE-2025-9063 was published Oct 14, 2025
A path traversal security issue exists within FactoryTalk View Machine Edition, allowing... High Unreviewed
CVE-2025-9064 was published Oct 14, 2025
A lack of rate limiting in the OTP verification component of Nagios Fusion v2024R1.2 and v2024R2... High Unreviewed
CVE-2025-60424 was published Oct 27, 2025
Captive Portal can allow authentication bypass High Unreviewed
CVE-2025-6979 was published Oct 23, 2025
ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code... High Unreviewed
CVE-2025-3935 was published Apr 25, 2025
An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti... High Unreviewed
CVE-2023-46805 was published Jan 12, 2024
Open Management Infrastructure Elevation of Privilege Vulnerability This CVE ID is unique from... High Unreviewed
CVE-2021-38648 was published May 24, 2022
Windows Task Scheduler Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49039 was published Nov 12, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS... High Unreviewed
CVE-2022-48618 was published Jan 9, 2024
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and... High Unreviewed
CVE-2020-12812 was published May 24, 2022
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not... High Unreviewed
CVE-2020-6287 was published May 24, 2022
Unraid 6.8.0 allows authentication bypass. High Unreviewed
CVE-2020-5849 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database