GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,146 advisories
Filter by severity
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'...
High
Unreviewed
CVE-2020-12627
was published
May 24, 2022
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server...
High
Unreviewed
CVE-2023-22644
was published
Sep 20, 2023
A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an...
Moderate
Unreviewed
CVE-2024-11209
was published
Nov 14, 2024
Windows Task Scheduler Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-49039
was published
Nov 12, 2024
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,...
Moderate
Unreviewed
CVE-2024-10963
was published
Nov 7, 2024
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress...
High
Unreviewed
CVE-2024-9946
was published
Nov 6, 2024
The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in...
High
Unreviewed
CVE-2024-10020
was published
Nov 6, 2024
An authentication bypass vulnerability has been identified in Foreman when deployed with External...
Critical
Unreviewed
CVE-2024-7012
was published
Sep 4, 2024
Waybox Enel X web management API authentication could be bypassed and provide administrator’s...
High
Unreviewed
CVE-2023-29117
was published
Nov 5, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all...
High
Unreviewed
CVE-2024-10114
was published
Nov 5, 2024
The Loginizer Security and Loginizer plugins for WordPress are vulnerable to authentication...
High
Unreviewed
CVE-2024-10097
was published
Nov 5, 2024
A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-10620
was published
Nov 1, 2024
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless...
Critical
Unreviewed
CVE-2024-50478
was published
Oct 28, 2024
Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical...
Moderate
Unreviewed
CVE-2024-31800
was published
Aug 15, 2024
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions...
High
Unreviewed
CVE-2023-39981
was published
Sep 2, 2023
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication...
High
Unreviewed
CVE-2023-33237
was published
Aug 17, 2023
In WhatsUp Gold versions released before 2024.0.0,
an Authentication Bypass issue exists which...
Critical
Unreviewed
CVE-2024-7763
was published
Oct 24, 2024
A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows...
High
Unreviewed
CVE-2024-10327
was published
Oct 24, 2024
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions...
High
Unreviewed
CVE-2024-9947
was published
Oct 23, 2024
The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via...
High
Unreviewed
CVE-2024-9927
was published
Oct 23, 2024
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this...
Moderate
Unreviewed
CVE-2024-10173
was published
Oct 20, 2024
An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An...
Critical
Unreviewed
CVE-2024-23629
was published
Jan 26, 2024
Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows...
High
Unreviewed
CVE-2024-43685
was published
Oct 4, 2024
The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in...
Critical
Unreviewed
CVE-2020-36832
was published
Oct 16, 2024
Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate...
High
Unreviewed
CVE-2024-38139
was published
Oct 16, 2024
ProTip!
Advisories are also available from the
GraphQL API