Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
70
GitHub Actions
52
Go
3,967
Maven
5,000+
npm
5,000+
NuGet
973
pip
5,000+
Pub
13
RubyGems
1,064
Rust
1,387
Swift
56
Unreviewed advisories
All unreviewed
5,000+

27 advisories

Loading
django-mdeditor is Missing Authentication for Critical Function Low
CVE-2025-13030 was published for django-mdeditor (pip) Apr 30, 2026
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function... Low Unreviewed
CVE-2026-3194 was published Feb 25, 2026
A potential missing authentication vulnerability was reported in some Lenovo Tablets that could... Low Unreviewed
CVE-2025-14058 was published Jan 15, 2026
Improper authentication and missing CSRF protection in the local setup interface component in HCL... Low Unreviewed
CVE-2025-31963 was published Jan 7, 2026
An issue in the Bluetooth Human Interface Device (HID) of JXL 9 Inch Car Android Double Din... Low Unreviewed
CVE-2025-63896 was published Dec 4, 2025
Mattermost fails to validate user permissions in Boards Low
CVE-2025-13870 was published for github.com/mattermost/mattermost (Go) Dec 2, 2025
Insider Threat Management (ITM) Server versions prior to 7.17.2 contain an authentication bypass... Low Unreviewed
CVE-2025-8558 was published Nov 3, 2025
Apache SeaTunnel: Unauthenticated insecure access Low
CVE-2025-32896 was published for org.apache.seatunnel:seatunnel-engine-common (Maven) Jun 19, 2025
A vulnerability was found in Signal App 7.41.4 on Android. It has been declared as problematic.... Low Unreviewed
CVE-2025-5715 was published Jun 6, 2025
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated... Low Unreviewed
CVE-2024-42178 was published Apr 18, 2025
Mattermost Missing Authentication for Critical Function Low
CVE-2025-27538 was published for github.com/mattermost/mattermost/server/v8 (Go) Apr 16, 2025
In JetBrains YouTrack before 2024.3.51866 improper access control allowed listing of project... Low Unreviewed
CVE-2024-54155 was published Dec 4, 2024
In JetBrains YouTrack before 2024.3.51866 unauthenticated database backup download was possible... Low Unreviewed
CVE-2024-54153 was published Dec 4, 2024
Multiple FCNT Android devices provide the original security features such as "privacy mode" where... Low Unreviewed
CVE-2024-53701 was published Nov 29, 2024
Improper handling of WiFi information by framework services can allow certain malicious... Low Unreviewed
CVE-2020-12492 was published Nov 25, 2024
There is a MEDIUM severity vulnerability affecting CPython. The “socket” module provides a pure... Low Unreviewed
CVE-2024-3219 was published Jul 30, 2024
Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile... Low Unreviewed
CVE-2024-31684 was published Jun 3, 2024
Unauthenticated db-file-storage views Low
CVE-2023-50263 was published for nautobot (pip) Dec 13, 2023
Kircheneer Credited to Kircheneer
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots,... Low Unreviewed
CVE-2023-29063 was published Nov 28, 2023
Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0. Low Unreviewed
CVE-2023-0919 was published Feb 19, 2023
The force offline MFA prompt setting is not respected when switching to offline mode in... Low Unreviewed
CVE-2023-0463 was published Jan 26, 2023
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote... Low Unreviewed
CVE-2022-45433 was published Dec 27, 2022
Rdiffweb vulnerable to Missing Authentication for Critical Function Low
CVE-2022-4018 was published for rdiffweb (pip) Nov 16, 2022
Free5gc v3.2.1 is vulnerable to Information disclosure. Low Unreviewed
CVE-2022-38870 was published Oct 25, 2022
SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network, to... Low Unreviewed
CVE-2021-32453 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database