GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 49
GitHub Actions: 49
Go: 3,426
Maven: 5,000+
npm: 5,000+
NuGet: 882
pip: 4,670
Pub: 13
RubyGems: 1,029
Rust: 1,212
Swift: 53

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
572 advisories
Missing Authentication for Critical Function vulnerability in Honeywell Handheld Scanners allows...
High | Unreviewed | CVE-2026-4272 was published Apr 6, 2026

Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows...
High | Unreviewed | CVE-2019-25686 was published Apr 5, 2026

C4G Basic Laboratory Information System 3.4 contains multiple SQL injection vulnerabilities that...
High | Unreviewed | CVE-2019-25678 was published Apr 5, 2026

Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers...
High | Unreviewed | CVE-2018-25246 was published Apr 4, 2026

Microsoft VPN Browser+ 1.1.0.0 contains a denial of service vulnerability that allows...
High | Unreviewed | CVE-2018-25241 was published Apr 4, 2026

A specific administrative endpoint is accessible without proper authentication, exposing device...
High | Unreviewed | CVE-2026-32646 was published Apr 3, 2026

PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated...
High | Unreviewed | CVE-2018-25224 was published Mar 28, 2026

SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated...
High | Unreviewed | CVE-2018-25225 was published Mar 28, 2026

The VSL privileged helper does utilize NSXPC for IPC. The implementation of the ...
High | Unreviewed | CVE-2026-24068 was published Mar 26, 2026

Vitals ESP developed by Galaxy Software Services has a Missing Authentication vulnerability,...
High | Unreviewed | CVE-2026-4640 was published Mar 24, 2026

A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600...
High | Unreviewed | CVE-2025-15517 was published Mar 23, 2026

An unauthenticated credential disclosure vulnerability in the /goform/ate endpoint of Nexxt...
High | Unreviewed | CVE-2026-31846 was published Mar 23, 2026

The "Privileged Helper" component of the Arturia Software Center (MacOS) does not perform...
High | Unreviewed | CVE-2026-24062 was published Mar 18, 2026

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0...
High | Unreviewed | CVE-2026-1264 was published Mar 18, 2026

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment...
High | Unreviewed | CVE-2026-22727 was published Mar 18, 2026

Configuration issue in Java Management Extensions (JMX) in TIBCO BPM Enterprise version 4.x...
High | Unreviewed | CVE-2026-3207 was published Mar 17, 2026

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks...
High | Unreviewed | CVE-2026-32296 was published Mar 17, 2026

The GL-iNet Comet (GL-RM1) KVM does not require authentication on the UART serial console. This...
High | Unreviewed | CVE-2026-32291 was published Mar 17, 2026

Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass...
High | Unreviewed | CVE-2026-3558 was published Mar 16, 2026

Serviio PRO 1.8 contains an improper access control vulnerability in the Configuration REST API...
High | Unreviewed | CVE-2017-20220 was published Mar 16, 2026

Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control...
High | Unreviewed | CVE-2017-20217 was published Mar 16, 2026

Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote...
High | Unreviewed | CVE-2017-20222 was published Mar 16, 2026

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN...
High | Unreviewed | CVE-2025-13778 was published Mar 13, 2026

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN...
High | Unreviewed | CVE-2025-13779 was published Mar 13, 2026

Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restricted shell escape...
High | Unreviewed | CVE-2019-25483 was published Mar 11, 2026
ProTip! Advisories are also available from the GraphQL API