Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,026 advisories

Loading
The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... Moderate Unreviewed
CVE-2025-25224 was published Feb 18, 2025
An issue in the Arcadyan Livebox Fibra PRV3399B_B_LT allows a remote or local attacker to modify... Moderate Unreviewed
CVE-2024-57725 was published Feb 14, 2025
The administrative web interface of mySCADA myPRO Manager can be accessed without... Critical Unreviewed
CVE-2025-24865 was published Feb 14, 2025
Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote... Critical Unreviewed
CVE-2025-0896 was published Feb 13, 2025
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated... High Unreviewed
CVE-2025-0108 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in... Moderate Unreviewed
CVE-2025-26360 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26365 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26366 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... Critical Unreviewed
CVE-2025-26361 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26363 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed
CVE-2025-26359 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26364 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed
CVE-2025-26362 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/guest-mode/routes.lua in Q... Critical Unreviewed
CVE-2025-26344 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed
CVE-2025-26342 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free... Critical Unreviewed
CVE-2025-26345 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free... Critical Unreviewed
CVE-2025-26347 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxtime/handleRoute.lua in Q-Free... Critical Unreviewed
CVE-2025-26339 was published Feb 12, 2025
A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed
CVE-2025-26341 was published Feb 12, 2025
Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability Critical Unreviewed
CVE-2025-21198 was published Feb 11, 2025
wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability... Moderate Unreviewed
CVE-2024-10649 was published Feb 10, 2025
IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0... Moderate Unreviewed
CVE-2024-54176 was published Feb 8, 2025
Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Critical Unreviewed
CVE-2024-36555 was published Feb 6, 2025
The Four-Faith F3x36 router using firmware v2.0.0 is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2024-9644 was published Feb 4, 2025
A file handling command vulnerability in certain versions of Armoury Crate may result in... High Unreviewed
CVE-2024-12957 was published Jan 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database