Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,454
Erlang
33
GitHub Actions
22
Go
2,150
Maven
5,000+
npm
3,815
NuGet
690
pip
3,490
Pub
12
RubyGems
902
Rust
900
Swift
38
Unreviewed advisories
All unreviewed
5,000+

218 advisories

Loading
The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed
CVE-2025-1515 was published Mar 5, 2025
Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923... Critical Unreviewed
CVE-2025-27658 was published Mar 5, 2025
Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers) provided... High Unreviewed
CVE-2025-24846 was published Mar 3, 2025
The SetSail Membership plugin for WordPress is vulnerable to in all versions up to, and... Critical Unreviewed
CVE-2025-1564 was published Mar 1, 2025
The Academist Membership plugin for WordPress is vulnerable to Privilege Escalation in all... Critical Unreviewed
CVE-2025-1671 was published Mar 1, 2025
The Alloggio Membership plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed
CVE-2025-1638 was published Mar 1, 2025
IBM FlashSystem (IBM Storage Virtualize (8.5.0.0 through 8.5.0.13, 8.5.1.0, 8.5.2.0 through 8.5.2... Critical Unreviewed
CVE-2025-0159 was published Feb 28, 2025
An Authentication Bypass vulnerability has been found in Trivision Camera NC227WF v5.8.0 from... High Unreviewed
CVE-2025-1739 was published Feb 27, 2025
The Login Me Now plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed
CVE-2025-1717 was published Feb 27, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in Aldo Latino... Critical Unreviewed
CVE-2025-26966 was published Feb 25, 2025
Authentication bypass using an alternate path or channel issue exists in ”RoboForm Password... Moderate Unreviewed
CVE-2025-26700 was published Feb 17, 2025
The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login... Critical Unreviewed
CVE-2025-1283 was published Feb 14, 2025
Instaclustr Cassandra-Lucene-Index allows bypass of Cassandra RBAC High
CVE-2025-26511 was published for com.instaclustr:cassandra-lucene-index-plugin (Maven) Feb 13, 2025
jfleming-ic
The WP Directorybox Manager plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed
CVE-2024-13182 was published Feb 13, 2025
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... High Unreviewed
CVE-2025-24472 was published Feb 11, 2025
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed
CVE-2025-0181 was published Feb 11, 2025
The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2025-0316 was published Feb 9, 2025
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2025-1061 was published Feb 7, 2025
Multiple Elber products are affected by an authentication bypass vulnerability which allows... Critical Unreviewed
CVE-2025-0674 was published Feb 7, 2025
Mitmweb API Authentication Bypass Using Proxy Server High
CVE-2025-23217 was published for mitmproxy (pip) Feb 6, 2025
gronke mhils
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated... Critical Unreviewed
CVE-2025-0364 was published Feb 4, 2025
TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc) Moderate
CVE-2025-24856 was published for causal/oidc (Composer) Jan 28, 2025
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed
CVE-2024-12857 was published Jan 22, 2025
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed
CVE-2025-24456 was published Jan 21, 2025
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... Critical Unreviewed
CVE-2024-55591 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database