GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 25,177
Composer 5,099
Erlang 40
GitHub Actions 38
Go 2,779
Maven 6,180
npm 4,384
NuGet 772
pip 4,163
Pub 12
RubyGems 964
Rust 1,073
Swift 45

Unreviewed advisories

All unreviewed 283,214

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

57 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

phpfm 1.7.9 contains an authentication bypass vulnerability that allows attackers to log in by... Critical Unreviewed

CVE-2023-53894 was published Dec 16, 2025

An issue was discovered in weijiang1994 university-bbs (aka Blogin) in commit... High Unreviewed

CVE-2025-63807 was published Nov 20, 2025

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing... Critical Unreviewed

CVE-2025-12870 was published Nov 12, 2025

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing... Critical Unreviewed

CVE-2025-12871 was published Nov 12, 2025

A security issue exists within DataMosaix™ Private Cloud, allowing attackers to bypass MFA during... High Unreviewed

CVE-2025-11084 was published Nov 11, 2025

Weak authentication in Microsoft Exchange Server allows an authorized attacker to elevate... High Unreviewed

CVE-2025-59249 was published Oct 14, 2025

A weak authentication in Fortinet FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0... High Unreviewed

CVE-2025-49201 was published Oct 14, 2025

This issue was addressed through improved state management. This issue is fixed in iOS 26 and... Moderate Unreviewed

CVE-2025-30468 was published Sep 16, 2025

Weak authentication in Windows Installer allows an authorized attacker to elevate privileges... High Unreviewed

CVE-2025-50173 was published Aug 12, 2025

Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges... Moderate Unreviewed

CVE-2025-47995 was published Jul 18, 2025

The protocol used for remote linking over RF for End-of-Train and Head-of-Train (also known as a... High Unreviewed

CVE-2025-1727 was published Jul 11, 2025

Weak authentication in EOL ASP.NET Core allows an unauthorized attacker to elevate privileges... High Unreviewed

CVE-2025-7326 was published Jul 8, 2025

Weak Authentication vulnerability in AresIT WP Compress allows Authentication Abuse. This issue... Moderate Unreviewed

CVE-2025-47479 was published Jul 4, 2025

A username and password are required to authenticate to the central SinoTrack device management... High Unreviewed

CVE-2025-5484 was published Jun 12, 2025

An improper authentication vulnerability [CWE-287] in Fortinet FortiClientEMS version 7.4.0 and... Moderate Unreviewed

CVE-2024-32119 was published Jun 10, 2025

An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17... Moderate Unreviewed

CVE-2025-0605 was published May 22, 2025

An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there... Moderate Unreviewed

CVE-2025-32885 was published May 2, 2025

An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The app there... Moderate Unreviewed

CVE-2025-32883 was published May 2, 2025

Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This... Critical Unreviewed

CVE-2025-39596 was published Apr 17, 2025

Weak authentication in Windows Active Directory Certificate Services allows an authorized... High Unreviewed

CVE-2025-27740 was published Apr 8, 2025

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature... Moderate Unreviewed

CVE-2025-26635 was published Apr 8, 2025

A vulnerability has been identified in Industrial Edge Device Kit - arm64 V1.17 (All versions),... Critical Unreviewed

CVE-2024-54092 was published Apr 8, 2025

Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes... Moderate Unreviewed

CVE-2024-45551 was published Apr 7, 2025

Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol... Low Unreviewed

CVE-2025-29991 was published Apr 3, 2025

Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email... High Unreviewed

CVE-2025-31676 was published Apr 1, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

57 advisories