Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,318
Maven
5,000+
npm
3,950
NuGet
711
pip
3,730
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,789 advisories

Loading
A vulnerability, which was classified as critical, was found in quequnlong shiyi-blog up to 1.2.1... Moderate Unreviewed
CVE-2025-5512 was published Jun 3, 2025
If you enable Basic Authentication in Pekko Management using the Java DSL, the authenticator may... Unknown Unreviewed
CVE-2025-46548 was published Jun 3, 2025
A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has been classified as critical.... Moderate Unreviewed
CVE-2025-5495 was published Jun 3, 2025
An authentication bypass vulnerability exists in HPE StoreOnce Software. Critical Unreviewed
CVE-2025-37093 was published Jun 2, 2025
A vulnerability classified as critical has been found in Multilaser Sirius RE016 MLT1.0. Affected... Moderate Unreviewed
CVE-2025-5437 was published Jun 2, 2025
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2025-31264 was published May 30, 2025
Netwrix Directory Manager (formerly Imanami GroupID) v.11.0.0.0 and before, as well as after v.11... Moderate Unreviewed
CVE-2025-48746 was published May 28, 2025
A vulnerability, which was classified as critical, has been found in Gowabby HFish 0.1. This... Moderate Unreviewed
CVE-2025-5247 was published May 27, 2025
A vulnerability was found in WCMS up to 8.3.11. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2025-5149 was published May 25, 2025
An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows attackers to bypass... Critical Unreviewed
CVE-2024-41196 was published May 22, 2025
An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers to bypass... Critical Unreviewed
CVE-2024-41195 was published May 22, 2025
An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41198 was published May 22, 2025
An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers to bypass authentication... Critical Unreviewed
CVE-2024-41197 was published May 22, 2025
An improper authentication vulnerability exists in WSO2 Identity Server 7.0.0 due to an... Moderate Unreviewed
CVE-2024-7487 was published May 22, 2025
An issue has been discovered in GitLab CE/EE affecting all versions from 16.8 before 17.10.7, 17... Moderate Unreviewed
CVE-2025-0605 was published May 22, 2025
An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication Bypass via a Hardcoded... Moderate Unreviewed
CVE-2025-32815 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34027 was published May 22, 2025
The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the... Critical Unreviewed
CVE-2025-34026 was published May 22, 2025
An issue in D-Link DI-8100 16.07.26A1 allows a remote attacker to bypass administrator login... Critical Unreviewed
CVE-2025-44083 was published May 21, 2025
A vulnerability, which was classified as very critical, was found in Netgear DGND3700 1.1.00.15_1... Critical Unreviewed
CVE-2025-4978 was published May 20, 2025
laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions Critical
GHSA-9fwj-9mjf-rhj3 was published for auth0/login (Composer) May 17, 2025
Sideni
Auth0 Wordpress plugin Vulnerable to Brute Force Authentication Tags of CookieStore Sessions Critical
GHSA-2f4r-34m4-3w8q was published for auth0/wordpress (Composer) May 17, 2025
Sideni
Auth0 Symfony SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions Critical
GHSA-9wg9-93h9-j8ch was published for auth0/symfony (Composer) May 17, 2025
Sideni
Brute Force Authentication Tags of CookieStore Sessions in Auth0-PHP SDK Critical
CVE-2025-47275 was published for auth0/auth0-php (Composer) May 16, 2025
Sideni kevinroh-okta
A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been classified as... Moderate Unreviewed
CVE-2025-4755 was published May 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database