Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,783
NuGet
683
pip
3,463
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,622 advisories

Loading
Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an... Moderate Unreviewed
CVE-2025-1231 was published Feb 11, 2025
Tenda W18E V16.01.0.8(1625) suffers from authentication bypass in the web management portal... High Unreviewed
CVE-2024-46434 was published Feb 10, 2025
Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and... Moderate Unreviewed
CVE-2023-1980 was published Apr 11, 2023
Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows... Moderate Unreviewed
CVE-2024-20856 was published May 7, 2024
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed
CVE-2025-1104 was published Feb 7, 2025
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8196 was published May 24, 2022
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8193 was published May 24, 2022
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing... Moderate Unreviewed
CVE-2022-48314 was published Apr 16, 2023
An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via... Critical Unreviewed
CVE-2024-48445 was published Feb 5, 2025
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows... Critical Unreviewed
CVE-2021-32030 was published May 24, 2022
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed
CVE-2024-10963 was published Nov 7, 2024
When multiple server blocks are configured to share the same IP address and port, an attacker can... Moderate Unreviewed
CVE-2025-23419 was published Feb 5, 2025
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing... High Unreviewed
CVE-2023-47504 was published Apr 24, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
Unraid through 6.8.0 allows Remote Code Execution. High Unreviewed
CVE-2020-5847 was published May 24, 2022
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2021-22893 was published May 24, 2022
Unraid 6.8.0 allows authentication bypass. High Unreviewed
CVE-2020-5849 was published May 24, 2022
An elevation of privilege vulnerability exists when Windows improperly handles authentication... High Unreviewed
CVE-2019-0543 was published May 13, 2022
**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy... Critical Unreviewed
CVE-2025-0890 was published Feb 4, 2025
If LDAP settings are accessed, authentication could be redirected to another server, potentially... Moderate Unreviewed
CVE-2024-12510 was published Feb 3, 2025
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API... Critical Unreviewed
CVE-2021-40539 was published May 24, 2022
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... High Unreviewed
CVE-2024-37368 was published Jun 14, 2024
Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier... High Unreviewed
CVE-2023-25946 was published May 23, 2023
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products... Critical Unreviewed
CVE-2023-27388 was published May 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database