GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,899

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

352 advisories

Filter by severity

Sort by

Least recently updated

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated... High Unreviewed

CVE-2025-0108 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26366 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26363 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26364 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26365 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26362 was published Feb 12, 2025

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed

CVE-2024-6635 was published Jul 20, 2024

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote... High Unreviewed

CVE-2019-9082 was published May 13, 2022

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed

CVE-2024-2860 was published May 8, 2024

A vulnerability in Brocade Fabric OS versions before 9.2.2 could allow man-in-the-middle... High Unreviewed

CVE-2024-7516 was published Nov 12, 2024

TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative... High Unreviewed

CVE-2022-24990 was published Feb 7, 2023

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web... High Unreviewed

CVE-2025-21515 was published Jan 21, 2025

A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... High Unreviewed

CVE-2024-37368 was published Jun 14, 2024

In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow... High Unreviewed

CVE-2023-31444 was published Apr 28, 2023

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9861 was published Oct 17, 2024

An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to... High Unreviewed

CVE-2024-45276 was published Oct 15, 2024

A file handling command vulnerability in certain versions of Armoury Crate may result in... High Unreviewed

CVE-2024-12957 was published Jan 23, 2025

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version... High Unreviewed

CVE-2024-47574 was published Nov 13, 2024

Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects... High Unreviewed

CVE-2024-7125 was published Aug 27, 2024

Nedap Librix Ecoreader is missing authentication for critical functions that could allow an ... High Unreviewed

CVE-2024-12757 was published Jan 17, 2025

The affected product lacks an authentication check when sending commands to the server via the... High Unreviewed

CVE-2024-9137 was published Oct 14, 2024

Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint... High Unreviewed

CVE-2023-33247 was published May 26, 2023

The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of... High Unreviewed

CVE-2023-31227 was published May 26, 2023

Missing Authentication for Critical Function vulnerability in NEC Corporation Aterm WG2600HS Ver... High Unreviewed

CVE-2025-0355 was published Jan 15, 2025

A missing authentication for critical function in Fortinet FortiPortal version 6.0.0 through 6.0... High Unreviewed

CVE-2024-35277 was published Jan 14, 2025

Previous 1 2 3 4 5 … 14 15 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

352 advisories