Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,970 advisories

Loading
A vulnerability was identified in code-projects Hostel Management System 1.0. This affects an... Moderate Unreviewed
CVE-2025-8964 was published Aug 14, 2025
A security flaw has been discovered in zhenfeng13 My-Blog 1.0.0. This vulnerability affects... Moderate Unreviewed
CVE-2025-9100 was published Aug 18, 2025
Authentication Bypass vulnerability in jobx up to v1.0.1-RELEASE allows an attacker can exploit... High Unreviewed
CVE-2024-57491 was published Aug 20, 2025
jeewx-boot 1.3 has an authentication bypass vulnerability in the preHandle function Critical Unreviewed
CVE-2024-50640 was published Aug 20, 2025
JeeWMS 771e4f5d0c01ffdeae1671be4cf102b73a3fe644 (2025-05-19) contains incorrect authentication... Critical Unreviewed
CVE-2025-50901 was published Aug 20, 2025
An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2025-52395 was published Aug 21, 2025
An authentication bypass vulnerability in PandoraNext-TokensTool v0.6.8 and before. An attacker... High Unreviewed
CVE-2024-50641 was published Aug 21, 2025
zhisheng17 blog 3.0.1-SNAPSHOT has an authentication bypass vulnerability. An attacker can... Critical Unreviewed
CVE-2024-50644 was published Aug 22, 2025
MallChat v1.0-SNAPSHOT has an authentication bypass vulnerability. An attacker can exploit this... Critical Unreviewed
CVE-2024-50645 was published Aug 22, 2025
A vulnerability has been found in TOTOLINK T10 4.1.8cu.5241_B20210927. Affected is an unknown... Moderate Unreviewed
CVE-2025-9533 was published Aug 27, 2025
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to... Critical Unreviewed
CVE-2025-7955 was published Aug 28, 2025
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0... Moderate Unreviewed
CVE-2025-52054 was published Aug 28, 2025
An improper authentication vulnerability has been reported to affect VioStor. If a remote... Critical Unreviewed
CVE-2025-52856 was published Aug 29, 2025
A weakness has been identified in alaneuler batteryKid up to 2.1 on macOS. The affected element... High Unreviewed
CVE-2025-9815 was published Sep 2, 2025
In smp_process_secure_connection_oob_data of smp_act.cc, there is a possible way to bypass SMP... High Unreviewed
CVE-2025-26438 was published Sep 4, 2025
Azure Entra Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2025-55241 was published Sep 5, 2025
Improper access control vulnerability in SemClipboard prior to SMR Apr-2023 Release 1 allows... Low Unreviewed
CVE-2023-21471 was published Sep 5, 2025
Error in 3GPP specification implementation in Exynos baseband prior to SMR Apr-2023 Release 1... Critical Unreviewed
CVE-2023-21467 was published Sep 8, 2025
PendingIntent hijacking vulnerability in CertificatePolicy in framework prior to SMR Apr-2023... Low Unreviewed
CVE-2023-21466 was published Sep 8, 2025
The Amp’ed RF BT-AP 111 Bluetooth access point's HTTP admin interface does not have an... Critical Unreviewed
CVE-2025-9994 was published Sep 9, 2025
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over... High Unreviewed
CVE-2025-54918 was published Sep 9, 2025
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who... High Unreviewed
CVE-2025-55234 was published Sep 9, 2025
The LB-Link BL-CPE300M AX300 4G LTE Router firmware version BL-R8800_B10_ALK_SL_V01.01... High Unreviewed
CVE-2025-57278 was published Sep 9, 2025
Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One 2.0.2... Moderate Unreviewed
CVE-2025-10224 was published Sep 10, 2025
An issue in RTSPtoWeb v.2.4.3 allows a remote attacker to obtain sensitive information and... Moderate Unreviewed
CVE-2025-56578 was published Sep 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database