Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,405
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,641
Pub
13
RubyGems
1,026
Rust
1,209
Swift
53
Unreviewed advisories
All unreviewed
5,000+

634 advisories

Loading
SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid... High Unreviewed
CVE-2026-0492 was published Jan 13, 2026
Vivotek IP7137 camera with firmware version 0200a is vulnerable to an information disclosure... High Unreviewed
CVE-2025-66049 was published Jan 9, 2026
FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64 contains an unauthenticated... High Unreviewed
CVE-2017-20213 was published Jan 8, 2026
Bagisto Missing Authentication on Installer API Endpoints High
CVE-2026-21446 was published for bagisto/bagisto (Composer) Jan 2, 2026
mhzcyber Credited to mhzcyber
Langflow Missing Authentication on Critical API Endpoints High
CVE-2026-21445 was published for langflow (pip) Jan 2, 2026
kj84park Credited to kj84park and juh0ng juh0ng juh0ng
Akuvox Smart Intercom S539 contains an unauthenticated vulnerability that allows remote attackers... High Unreviewed
CVE-2024-58336 was published Dec 31, 2025
Pexip Infinity before 39.0 has Missing Authentication for a Critical Function in a product... High Unreviewed
CVE-2025-66377 was published Dec 25, 2025
A remote unauthenticated attacker may be able to bypass authentication by utilizing a specific... High Unreviewed
CVE-2025-3232 was published Dec 24, 2025
Rifatron 5brid DVR contains an unauthenticated vulnerability in the animate.cgi script that... High Unreviewed
CVE-2019-25240 was published Dec 24, 2025
iSeeQ Hybrid DVR WH-H4 1.03R contains an unauthenticated vulnerability in the get_jpeg script... High Unreviewed
CVE-2019-25236 was published Dec 24, 2025
Beward N100 M2.1.6.04C014 contains an unauthenticated vulnerability that allows remote attackers... High Unreviewed
CVE-2019-25248 was published Dec 24, 2025
FLIR thermal traffic cameras contain an unauthenticated vulnerability that allows remote... High Unreviewed
CVE-2018-25141 was published Dec 24, 2025
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability that allows remote... High Unreviewed
CVE-2018-25136 was published Dec 24, 2025
FLIR Brickstream 3D+ 2.1.742.1842 contains an unauthenticated vulnerability in the ExportConfig... High Unreviewed
CVE-2018-25137 was published Dec 24, 2025
FLIR AX8 Thermal Camera 1.32.16 contains an unauthenticated vulnerability that allows remote... High Unreviewed
CVE-2018-25139 was published Dec 24, 2025
Authorization bypass vulnerability in Hitachi Infrastructure Analytics Advisor (Data Center... High Unreviewed
CVE-2025-66445 was published Dec 24, 2025
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated vulnerability in the /usr/cgi-bin... High Unreviewed
CVE-2023-53964 was published Dec 23, 2025
Screen SFT DAB 600/C Firmware 1.9.3 contains a weak session management vulnerability that allows... High Unreviewed
CVE-2023-53970 was published Dec 23, 2025
D-Link DSL-124 ME_1.00 contains a configuration file disclosure vulnerability that allows... High Unreviewed
CVE-2023-53974 was published Dec 23, 2025
The HTTPS service on Tapo C200 V3 exposes a connectAP interface without proper authentication. An... High Unreviewed
CVE-2025-14300 was published Dec 20, 2025
Successful exploitation of the vulnerability could allow an attacker with local network access to... High Unreviewed
CVE-2025-52692 was published Dec 19, 2025
An authentication bypass vulnerability exists in Open-WebUI <=0.6.32 in the /api/config endpoint.... High Unreviewed
CVE-2025-63391 was published Dec 18, 2025
WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) is vulnerable to Broken Access... High Unreviewed
CVE-2025-65010 was published Dec 18, 2025
In WODESYS WD-R608U router (also known as WDR122B V2.0 and WDR28) due to lack of authentication... High Unreviewed
CVE-2025-65007 was published Dec 18, 2025
D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows... High Unreviewed
CVE-2023-53896 was published Dec 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database