Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

3,612 advisories

Loading
matrix-media-repo (MMR) allows unauthenticated writes to the media repository, which may allow planting of problematic content Moderate
CVE-2024-36402 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
PAM module may allow accessing with the credentials of another user High
CVE-2024-9313 was published for github.com/ubuntu/authd (Go) Oct 3, 2024
3v1n0 didrocks
adombeck
Improper authentication in zenml Low
CVE-2024-2213 was published for zenml (pip) Jun 6, 2024
** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value... Moderate Unreviewed
CVE-2009-0130 was published May 2, 2022
Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin... Moderate Unreviewed
CVE-2009-3168 was published May 2, 2022
actionpack Improper Authentication vulnerability Moderate
CVE-2012-3424 was published for actionpack (RubyGems) Oct 24, 2017
ShayAry levpachmanov
Authentication Bypass Due to Missing LDAP Bind After Password Reset in Keycloak Moderate
CVE-2025-0604 was published for org.keycloak:keycloak-ldap-federation (Maven) Jan 22, 2025
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication... Critical Unreviewed
CVE-2018-10561 was published May 14, 2022
API Security bypass through header manipulation Moderate Unreviewed
CVE-2024-55925 was published Jan 23, 2025
It has been found that the Beta10 software does not provide for proper authorisation control in... Critical Unreviewed
CVE-2025-0637 was published Jan 23, 2025
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows... Critical Unreviewed
CVE-2021-32030 was published May 24, 2022
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration... Critical Unreviewed
CVE-2023-27823 was published May 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database