GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 70
GitHub Actions: 52
Go: 3,967
Maven: 5,000+
npm: 5,000+
NuGet: 973
pip: 5,000+
Pub: 13
RubyGems: 1,064
Rust: 1,387
Swift: 56

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,624 advisories
BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain an authentication bypass...
Moderate | Unreviewed | CVE-2025-71257 was published Mar 19, 2026

The "Privileged Helper" component of the Arturia Software Center (MacOS) does not perform...
High | Unreviewed | CVE-2026-24062 was published Mar 18, 2026

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment...
High | Unreviewed | CVE-2026-22727 was published Mar 18, 2026

IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7_2, 6.2.0.0...
High | Unreviewed | CVE-2026-1264 was published Mar 18, 2026

Configuration issue in Java Management Extensions (JMX) in TIBCO BPM Enterprise version 4.x...
High | Unreviewed | CVE-2026-3207 was published Mar 17, 2026

Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks...
High | Unreviewed | CVE-2026-32296 was published Mar 17, 2026

The GL-iNet Comet (GL-RM1) KVM does not require authentication on the UART serial console. This...
High | Unreviewed | CVE-2026-32291 was published Mar 17, 2026

The Angeet ES3 KVM allows a remote, unauthenticated attacker to write arbitrary files, including...
Critical | Unreviewed | CVE-2026-32297 was published Mar 17, 2026

GCB/FCB Audit Software developed by DrangSoft has a Missing Authentication vulnerability,...
Critical | Unreviewed | CVE-2026-4312 was published Mar 17, 2026

Philips Hue Bridge HomeKit Accessory Protocol Transient Pairing Mode Authentication Bypass...
High | Unreviewed | CVE-2026-3558 was published Mar 16, 2026

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows...
Moderate | Unreviewed | CVE-2026-2491 was published Mar 16, 2026

Exposure of sensitive functionality to an unauthorized actor in Smart Switch prior to version 3.7...
Moderate | Unreviewed | CVE-2026-20995 was published Mar 16, 2026

Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control...
High | Unreviewed | CVE-2017-20217 was published Mar 16, 2026

Serviio PRO 1.8 contains an improper access control vulnerability in the Configuration REST API...
High | Unreviewed | CVE-2017-20220 was published Mar 16, 2026

Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote...
High | Unreviewed | CVE-2017-20222 was published Mar 16, 2026

wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows...
Moderate | Unreviewed | CVE-2026-22192 was published Mar 13, 2026

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN...
High | Unreviewed | CVE-2025-13778 was published Mar 13, 2026

Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN...
High | Unreviewed | CVE-2025-13779 was published Mar 13, 2026

The authentication mechanism for a specific feature in the EasyShare module contains a...
Moderate | Unreviewed | CVE-2025-15515 was published Mar 13, 2026

The Honeywell IQ4x building management controller, exposes its full web-based HMI without...
Critical | Unreviewed | CVE-2026-3611 was published Mar 12, 2026

Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a restricted shell escape...
High | Unreviewed | CVE-2019-25483 was published Mar 11, 2026

Missing Authentication for Critical Function vulnerability in TUBITAK BILGEM Software...
High | Unreviewed | CVE-2026-2339 was published Mar 10, 2026

Missing authentication for critical function in Azure IoT Explorer allows an unauthorized...
High | Unreviewed | CVE-2026-23662 was published Mar 10, 2026

The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is...
Moderate | Unreviewed | CVE-2026-1920 was published Mar 10, 2026

The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is...
Moderate | Unreviewed | CVE-2026-1919 was published Mar 10, 2026