GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
803 advisories
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version...
Critical, Unreviewed. CVE-2022-40684 was published Oct 18, 2022.

A vulnerability in the D-Link DIR-859 router with firmware version A3 1.05 and earlier permits...
Critical, Unreviewed. CVE-2024-57045 was published Feb 18, 2025.

A vulnerability in the TP-Link WR840N v6 router with firmware version 0.9.1 4.16 and earlier...
Critical, Unreviewed. CVE-2024-57050 was published Feb 18, 2025.

A vulnerability in the TP-Link Archer c20 router with firmware version V6.6_230412 and earlier...
Critical, Unreviewed. CVE-2024-57049 was published Feb 18, 2025.

The administrative web interface of a Netgear C7800 Router running firmware version 6.01.07 (and...
Critical, Unreviewed. CVE-2022-41545 was published Feb 18, 2025.

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
Critical, Unreviewed. CVE-2023-28503 was published Mar 29, 2023.

Logic vulnerability in the mobile application (com.transsion.carlcare) may lead to the risk of...
Critical, Unreviewed. CVE-2025-1298 was published Feb 14, 2025.

The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks,...
Critical, Unreviewed. CVE-2023-34124 was published Jul 13, 2023.

Logsign Unified SecOps Platform Authentication Bypass Vulnerability. This vulnerability allows...
Critical, Unreviewed. CVE-2025-1044 was published Feb 11, 2025.

An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via...
Critical, Unreviewed. CVE-2024-48445 was published Feb 5, 2025.

The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows...
Critical, Unreviewed. CVE-2021-32030 was published May 24, 2022.

Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege...
Critical, Unreviewed. CVE-2023-51478 was published Apr 25, 2024.

Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and...
Critical, Unreviewed. CVE-2021-44077 was published Nov 30, 2021.

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass...
Critical, Unreviewed. CVE-2021-22893 was published May 24, 2022.

**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy...
Critical, Unreviewed. CVE-2025-0890 was published Feb 4, 2025.

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API...
Critical, Unreviewed. CVE-2021-40539 was published May 24, 2022.

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products...
Critical, Unreviewed. CVE-2023-27388 was published May 23, 2023.

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password...
Critical, Unreviewed. CVE-2022-35898 was published May 1, 2023.

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP...
Critical, Unreviewed. CVE-2022-37042 was published Aug 13, 2022.

An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration...
Critical, Unreviewed. CVE-2023-27823 was published May 12, 2023.

It has been found that the Beta10 software does not provide for proper authorisation control in...
Critical, Unreviewed. CVE-2025-0637 was published Jan 23, 2025.

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication...
Critical, Unreviewed. CVE-2018-10561 was published May 14, 2022.

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content...
Critical, Unreviewed. CVE-2024-12919 was published Jan 14, 2025.

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Critical, Unreviewed. CVE-2024-28012 was published Mar 28, 2024.

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Critical, Unreviewed. CVE-2024-28009 was published Mar 28, 2024.
ProTip! Advisories are also available from the GraphQL API.