Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

28 advisories

Loading
FileBrowser Quantum: Password-Protected Share Bypass via /public/api/share/info High
CVE-2026-30933 was published for github.com/gtsteffaniak/filebrowser/backend (Go) Mar 9, 2026
mdcoxe Credited to mdcoxe
A vulnerability in rustdesk-client RustDesk Client rustdesk-client on Windows, MacOS, Linux, iOS,... High Unreviewed
CVE-2026-30783 was published Mar 5, 2026
1Panel – CAPTCHA Bypass via Client-Controlled Flag High
CVE-2025-66507 was published for github.com/1Panel-dev/1Panel (Go) Dec 8, 2025
aliyevmursal Credited to aliyevmursal
The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to Payment Bypass in all... High Unreviewed
CVE-2025-7820 was published Nov 27, 2025
A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an... High Unreviewed
CVE-2025-10622 was published Nov 5, 2025
The WPC Name Your Price for WooCommerce plugin for WordPress is vulnerable to unauthorized price... High Unreviewed
CVE-2025-12115 was published Oct 31, 2025
An issue in Orban Optimod 5950, Optimod 5950HD, Optimod 5750, Optimod 5750HD, Optimod Trio... High Unreviewed
CVE-2025-61197 was published Oct 6, 2025
The Vitogate 300 web interface fails to enforce proper server-side authentication and relies on... High Unreviewed
CVE-2025-9495 was published Sep 23, 2025
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a... High Unreviewed
CVE-2025-53969 was published Sep 19, 2025
The Order Tip for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Improper... High Unreviewed
CVE-2025-6025 was published Aug 15, 2025
An authentication bypass vulnerability was reported in FileZ client application that could allow... High Unreviewed
CVE-2025-6249 was published Jul 17, 2025
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.16.5), RUGGEDCOM... High Unreviewed
CVE-2025-40591 was published Jun 10, 2025
IBM Aspera Faspex 5.0.0 through 5.0.12 could allow an authenticated user to obtain sensitive... High Unreviewed
CVE-2025-33137 was published May 22, 2025
A vulnerability in Cisco Unified Intelligence Center could allow an authenticated, remote... High Unreviewed
CVE-2025-20113 was published May 21, 2025
This vulnerability exists in Meon KYC solutions due to insufficient server-side validation of the... High Unreviewed
CVE-2025-42601 was published Apr 23, 2025
W. W. Norton InQuizitive through 2025-04-08 allows students to insert arbitrary records of their... High Unreviewed
CVE-2025-32808 was published Apr 11, 2025
An issue in account management interface in Netsweeper Server v.8.2.6 and earlier (fixed in v.8.2... High Unreviewed
CVE-2025-25497 was published Mar 6, 2025
Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before... High Unreviewed
CVE-2024-9844 was published Dec 10, 2024
A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least... High Unreviewed
CVE-2024-23666 was published Nov 12, 2024
Insufficient server-side controls in the management console of Ivanti Workspace Control version... High Unreviewed
CVE-2024-44106 was published Sep 10, 2024
CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security High Unreviewed
CVE-2024-42340 was published Aug 25, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1).... High Unreviewed
CVE-2024-39870 was published Jul 9, 2024
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through... High Unreviewed
CVE-2024-31491 was published May 14, 2024
Privileges are not fully verified server-side, which can be abused by a user with limited... High Unreviewed
CVE-2024-28029 was published Mar 22, 2024
Insufficient policy enforcement in developer tools in Google Chrome prior to 106.0.5249.62... High Unreviewed
CVE-2022-3308 was published Nov 2, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database