GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,394 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9...
High
Unreviewed
CVE-2024-4024
was published
Apr 25, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing...
High
Unreviewed
CVE-2023-47504
was published
Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing...
High
Unreviewed
CVE-2023-51471
was published
Apr 24, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri...
High
Unreviewed
CVE-2024-25699
was published
Apr 4, 2024
An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker...
High
Unreviewed
CVE-2024-28735
was published
Mar 20, 2024
Erroneous authentication pass in Spring Security
High
CVE-2024-22257
was published
for
org.springframework.security:spring-security-core
(Maven)
Mar 18, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before...
High
Unreviewed
CVE-2024-2450
was published
Mar 15, 2024
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and...
High
Unreviewed
CVE-2023-38534
was published
Mar 14, 2024
Windows Kerberos Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-21427
was published
Mar 12, 2024
Microsoft Authenticator Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-21390
was published
Mar 12, 2024
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions...
High
Unreviewed
CVE-2023-46717
was published
Mar 12, 2024
A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and...
High
Unreviewed
CVE-2024-1817
was published
Feb 23, 2024
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)...
High
Unreviewed
CVE-2023-52161
was published
Feb 22, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local...
High
Unreviewed
CVE-2022-41737
was published
Feb 17, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an...
High
Unreviewed
CVE-2022-41738
was published
Feb 17, 2024
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering
of...
High
Unreviewed
CVE-2024-0568
was published
Feb 14, 2024
A vulnerability has been identified in Polarion ALM (All versions). The REST API endpoints of...
High
Unreviewed
CVE-2024-23813
was published
Feb 13, 2024
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username...
High
Unreviewed
CVE-2024-25313
was published
Feb 9, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with...
High
Unreviewed
CVE-2023-51761
was published
Feb 9, 2024
Improper Authentication in HashiCorp Vault
High
CVE-2021-3282
was published
for
github.com/hashicorp/vault
(Go)
Jan 31, 2024
HashiCorp Vault Authentication bypass
High
CVE-2020-16251
was published
for
github.com/hashicorp/vault
(Go)
Jan 31, 2024
CrateDB authentication bypass vulnerability
High
CVE-2023-51982
was published
for
crate
(Maven)
Jan 30, 2024
A vulnerability was found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as...
High
Unreviewed
CVE-2024-1006
was published
Jan 29, 2024
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
High
Unreviewed
CVE-2023-50275
was published
Jan 23, 2024
Authorization vulnerability in the BootLoader module. Successful exploitation of this...
High
Unreviewed
CVE-2023-52111
was published
Jan 16, 2024
ProTip!
Advisories are also available from the
GraphQL API