Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,748
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

18 advisories

Loading
Jenkins WSO2 Oauth Plugin Fails to Properly Authenticate User Credentials High
CVE-2025-47889 was published for org.jenkins-ci.plugins:wso2id-oauth (Maven) May 14, 2025
Weak authentication in Windows Active Directory Certificate Services allows an authorized... High Unreviewed
CVE-2025-27740 was published Apr 8, 2025
Weak Authentication vulnerability in Drupal Email TFA allows Brute Force.This issue affects Email... High Unreviewed
CVE-2025-31676 was published Apr 1, 2025
This vulnerability exists in the CAP back office application due to improper authentication check... High Unreviewed
CVE-2025-29994 was published Mar 13, 2025
Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability High
CVE-2025-24070 was published for Microsoft.AspNetCore.App.Runtime.linux-arm (NuGet) Mar 11, 2025
dwelch2344
Hermes improperly validates a JWT High
CVE-2025-1293 was published for github.com/hashicorp-forge/hermes (Go) Feb 20, 2025
Dell Client Platform BIOS contains a Weak Authentication vulnerability. A high privileged... High Unreviewed
CVE-2024-52541 was published Feb 19, 2025
A CWE-1390 "Weak Authentication" in the PIN authentication mechanism in Q-Free MaxTime less than... High Unreviewed
CVE-2025-26343 was published Feb 12, 2025
A vulnerability in the ClearPass Policy Manager web-based management interface allows a low... High Unreviewed
CVE-2025-23058 was published Feb 4, 2025
A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1,... High Unreviewed
CVE-2024-50563 was published Jan 16, 2025
Weak authentication issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE... High Unreviewed
CVE-2024-47397 was published Dec 18, 2024
Active Directory Certificate Services Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49019 was published Nov 12, 2024
Windows Kerberos Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38239 was published Sep 10, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-35248 was published Jun 11, 2024
An issue in Netgear WNR614 JNR1010V2 N300-V1.1.0.54_1.0.1 allows attackers to bypass... High Unreviewed
CVE-2024-36787 was published Jun 7, 2024
The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor... High Unreviewed
CVE-2024-29837 was published Apr 15, 2024
ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make... High Unreviewed
CVE-2023-4094 was published Sep 19, 2023
A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4... High Unreviewed
CVE-2022-45860 was published May 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database