GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34

Unreviewed advisories
All unreviewed: 5,000+
828 advisories

Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows...
Critical | Unreviewed | CVE-2024-5805 was published Jun 25, 2024

Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated...
Critical | Unreviewed | CVE-2024-3080 was published Jun 14, 2024

Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical | Unreviewed | CVE-2024-30299 was published Jun 13, 2024

A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application...
Critical | Unreviewed | CVE-2024-36266 was published Jun 11, 2024

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the...
Critical | Unreviewed | CVE-2023-43551 was published Jun 3, 2024

YMS VIS Pro is an information system for veterinary and food administration, veterinarians and...
Critical | Unreviewed | CVE-2024-3263 was published May 14, 2024

NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass...
Critical | Unreviewed | CVE-2023-38096 was published May 3, 2024

Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows...
Critical | Unreviewed | CVE-2023-51484 was published Apr 25, 2024

Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege...
Critical | Unreviewed | CVE-2023-51478 was published Apr 25, 2024

Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing...
Critical | Unreviewed | CVE-2023-51482 was published Apr 25, 2024

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege...
Critical | Unreviewed | CVE-2023-51472 was published Apr 24, 2024

Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing...
Critical | Unreviewed | CVE-2023-51477 was published Apr 24, 2024

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A...
Critical | Unreviewed | CVE-2024-2873 was published Mar 26, 2024

This vulnerability allows remote attackers to reset the password of anonymous users without...
Critical | Unreviewed | CVE-2024-2862 was published Mar 25, 2024

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication...
Critical | Unreviewed | CVE-2024-1147 was published Mar 21, 2024

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication...
Critical | Unreviewed | CVE-2024-1148 was published Mar 21, 2024

CWE-287: Improper Authentication may allow Authentication Bypass
Critical | Unreviewed | CVE-2024-27767 was published Mar 18, 2024

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in...
Critical | Unreviewed | CVE-2024-0799 was published Mar 13, 2024

An improper authentication vulnerability has been reported to affect several QNAP operating...
Critical | Unreviewed | CVE-2024-21899 was published Mar 8, 2024

JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are...
Critical | Unreviewed | CVE-2023-42662 was published Mar 7, 2024

Remote Code Execution by uploading a phar file using frontmatter
Critical | CVE-2024-27923 was published for getgrav/grav (Composer) Mar 6, 2024

Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID
Critical | CVE-2024-25128 was published for Flask-AppBuilder (pip) Feb 28, 2024

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware...
Critical | Unreviewed | CVE-2024-22245 was published Feb 20, 2024

Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication...
Critical | Unreviewed | CVE-2024-20738 was published Feb 15, 2024

Microsoft Exchange Server Elevation of Privilege Vulnerability
Critical | Unreviewed | CVE-2024-21410 was published Feb 13, 2024

ProTip! Advisories are also available from the GraphQL API