Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,053 advisories

Loading
A flaw in Gliffy results in broken authentication through the reset functionality of the... Moderate Unreviewed
CVE-2024-5174 was published Feb 24, 2025
An issue in the SharedConfig class of Telegram Android APK v.11.7.0 allows a physically proximate... Moderate Unreviewed
CVE-2024-54916 was published Feb 12, 2025
An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to... Moderate Unreviewed
CVE-2024-52968 was published Feb 11, 2025
Windows Remote Desktop Configuration Service Tampering Vulnerability Moderate Unreviewed
CVE-2025-21349 was published Feb 11, 2025
Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an... Moderate Unreviewed
CVE-2025-1231 was published Feb 11, 2025
Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and... Moderate Unreviewed
CVE-2023-1980 was published Apr 11, 2023
Improper Authentication vulnerability in Secure Folder prior to SMR May-2024 Release 1 allows... Moderate Unreviewed
CVE-2024-20856 was published May 7, 2024
A vulnerability has been found in D-Link DHP-W310AV 1.04 and classified as critical. This... Moderate Unreviewed
CVE-2025-1104 was published Feb 7, 2025
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8193 was published May 24, 2022
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18,... Moderate Unreviewed
CVE-2020-8196 was published May 24, 2022
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing... Moderate Unreviewed
CVE-2022-48314 was published Apr 16, 2023
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed
CVE-2024-10963 was published Nov 7, 2024
When multiple server blocks are configured to share the same IP address and port, an attacker can... Moderate Unreviewed
CVE-2025-23419 was published Feb 5, 2025
If LDAP settings are accessed, authentication could be redirected to another server, potentially... Moderate Unreviewed
CVE-2024-12510 was published Feb 3, 2025
Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly... Moderate Unreviewed
CVE-2024-13309 was published Jan 9, 2025
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed
CVE-2020-3952 was published May 24, 2022
API Security bypass through header manipulation Moderate Unreviewed
CVE-2024-55925 was published Jan 23, 2025
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to... Moderate Unreviewed
CVE-2023-28325 was published May 12, 2023
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin... Moderate Unreviewed
CVE-2009-3168 was published May 2, 2022
** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value... Moderate Unreviewed
CVE-2009-0130 was published May 2, 2022
Vulnerability of improper authentication in the ANS system service module Impact: Successful... Moderate Unreviewed
CVE-2023-52955 was published Jan 8, 2025
HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys,... Moderate Unreviewed
CVE-2024-42172 was published Jan 11, 2025
A user with administrator privileges is able to retrieve authentication tokens Moderate Unreviewed
CVE-2024-9133 was published Jan 11, 2025
Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful... Moderate Unreviewed
CVE-2024-56445 was published Jan 8, 2025
A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan... Moderate Unreviewed
CVE-2024-13111 was published Jan 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database