GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
415 advisories
Improper Access Control issue in the Workflow component of Fortra's FileCatalyst allows...
High
Unreviewed
CVE-2025-8450
was published
Aug 19, 2025
A security issue exists within the 5032 16pt Digital Configurable module’s web server....
High
Unreviewed
CVE-2025-7774
was published
Aug 14, 2025
Missing Authentication for Critical Function vulnerability in ABB ABB Ability™ zenon. This issue...
High
Unreviewed
CVE-2025-8754
was published
Aug 13, 2025
Missing authentication for critical function in Windows StateRepository API allows an authorized...
High
Unreviewed
CVE-2025-53789
was published
Aug 12, 2025
A low-privileged local attacker can exploit improper permissions on nssm.exe to escalate their...
High
Unreviewed
CVE-2025-41686
was published
Aug 12, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect. This issue affects...
High
Unreviewed
CVE-2025-7679
was published
Aug 11, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect. This issue affects...
High
Unreviewed
CVE-2025-53191
was published
Aug 11, 2025
Missing Authentication for Critical Function vulnerability in ABB Aspect. This issue affects...
High
Unreviewed
CVE-2025-7677
was published
Aug 11, 2025
In the Airoha Bluetooth audio SDK, there is a possible unauthorized access to the RACE protocol....
High
Unreviewed
CVE-2025-20702
was published
Aug 4, 2025
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access...
High
Unreviewed
CVE-2025-20700
was published
Aug 4, 2025
Insufficient input validation within GitLab Language Server 7.6.0 and later before 7.30.0 allows...
High
Unreviewed
CVE-2025-8279
was published
Jul 28, 2025
A client-side remote code execution vulnerability exists in Samsung Security Manager versions 1...
High
Unreviewed
CVE-2016-15046
was published
Jul 25, 2025
An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The...
High
Unreviewed
CVE-2013-10032
was published
Jul 25, 2025
DuraComm SPM-500 DP-10iN-100-MU lacks access controls for a function that should require user...
High
Unreviewed
CVE-2025-48733
was published
Jul 23, 2025
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by...
High
Unreviewed
CVE-2025-34119
was published
Jul 16, 2025
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2025-30762
was published
Jul 15, 2025
A missing authentication vulnerability in Trend Micro Worry-Free Business Security Services ...
High
Unreviewed
CVE-2025-53378
was published
Jul 10, 2025
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows...
High
Unreviewed
CVE-2025-48814
was published
Jul 8, 2025
An unauthenticated adjacent attacker can modify configuration by sending specific requests to an...
High
Unreviewed
CVE-2025-25268
was published
Jul 8, 2025
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a...
High
Unreviewed
CVE-2024-8419
was published
Jun 30, 2025
Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure...
High
Unreviewed
CVE-2025-6678
was published
Jun 26, 2025
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2...
High
Unreviewed
CVE-2025-32978
was published
Jun 26, 2025
An unauthenticated remote attacker can obtain limited sensitive information and/or DoS the device...
High
Unreviewed
CVE-2025-3090
was published
Jun 26, 2025
IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to bypass authentication due...
High
Unreviewed
CVE-2025-3319
was published
Jun 20, 2025
A web application for configuring the controller is accessible at a specific path. It contains an...
High
Unreviewed
CVE-2025-25265
was published
Jun 16, 2025
ProTip! Advisories are also available from the GraphQL API