GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,350
Composer 4,362
Erlang 33
GitHub Actions 22
Go 2,133
Maven 5,313
npm 3,797
NuGet 686
pip 3,473
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,245

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

960 advisories

Filter by severity

Sort by

Least recently updated

Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to... High Unreviewed

CVE-2025-21355 was published Feb 20, 2025

Server-Side Access Control Bypass vulnerability in WombatDialer before 25.02 could allow... Moderate Unreviewed

CVE-2024-57055 was published Feb 18, 2025

The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version)... Moderate Unreviewed

CVE-2025-25224 was published Feb 18, 2025

An issue in the Arcadyan Livebox Fibra PRV3399B_B_LT allows a remote or local attacker to modify... Moderate Unreviewed

CVE-2024-57725 was published Feb 14, 2025

The administrative web interface of mySCADA myPRO Manager can be accessed without... Critical Unreviewed

CVE-2025-24865 was published Feb 14, 2025

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote... Critical Unreviewed

CVE-2025-0896 was published Feb 13, 2025

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated... High Unreviewed

CVE-2025-0108 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in... Moderate Unreviewed

CVE-2025-26360 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26365 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26366 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... Critical Unreviewed

CVE-2025-26361 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26363 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed

CVE-2025-26359 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26364 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free... High Unreviewed

CVE-2025-26362 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/guest-mode/routes.lua in Q... Critical Unreviewed

CVE-2025-26344 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed

CVE-2025-26342 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free... Critical Unreviewed

CVE-2025-26345 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free... Critical Unreviewed

CVE-2025-26347 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxtime/handleRoute.lua in Q-Free... Critical Unreviewed

CVE-2025-26339 was published Feb 12, 2025

A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q... Critical Unreviewed

CVE-2025-26341 was published Feb 12, 2025

Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability Critical Unreviewed

CVE-2025-21198 was published Feb 11, 2025

wandb/openui latest commit c945bb859979659add5f490a874140ad17c56a5d contains a vulnerability... Moderate Unreviewed

CVE-2024-10649 was published Feb 10, 2025

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM UrbanCode Deploy (UCD) 7.0... Moderate Unreviewed

CVE-2024-54176 was published Feb 8, 2025

Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Critical Unreviewed

CVE-2024-36555 was published Feb 6, 2025

Previous 1 2 3 4 5 … 38 39 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

960 advisories