Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

828 advisories

Loading
Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows... Critical Unreviewed
CVE-2024-5805 was published Jun 25, 2024
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2024-3080 was published Jun 14, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an... Critical Unreviewed
CVE-2024-30299 was published Jun 13, 2024
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application... Critical Unreviewed
CVE-2024-36266 was published Jun 11, 2024
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the... Critical Unreviewed
CVE-2023-43551 was published Jun 3, 2024
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and... Critical Unreviewed
CVE-2024-3263 was published May 14, 2024
NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass... Critical Unreviewed
CVE-2023-38096 was published May 3, 2024
Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows... Critical Unreviewed
CVE-2023-51484 was published Apr 25, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing... Critical Unreviewed
CVE-2023-51482 was published Apr 25, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege... Critical Unreviewed
CVE-2023-51472 was published Apr 24, 2024
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing... Critical Unreviewed
CVE-2023-51477 was published Apr 24, 2024
A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A... Critical Unreviewed
CVE-2024-2873 was published Mar 26, 2024
This vulnerability allows remote attackers to reset the password of anonymous users without... Critical Unreviewed
CVE-2024-2862 was published Mar 25, 2024
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication... Critical Unreviewed
CVE-2024-1147 was published Mar 21, 2024
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication... Critical Unreviewed
CVE-2024-1148 was published Mar 21, 2024
CWE-287: Improper Authentication may allow Authentication Bypass Critical Unreviewed
CVE-2024-27767 was published Mar 18, 2024
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in... Critical Unreviewed
CVE-2024-0799 was published Mar 13, 2024
An improper authentication vulnerability has been reported to affect several QNAP operating... Critical Unreviewed
CVE-2024-21899 was published Mar 8, 2024
JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are... Critical Unreviewed
CVE-2023-42662 was published Mar 7, 2024
Remote Code Execution by uploading a phar file using frontmatter Critical
CVE-2024-27923 was published for getgrav/grav (Composer) Mar 6, 2024
Universe1122
Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID Critical
CVE-2024-25128 was published for Flask-AppBuilder (pip) Feb 28, 2024
parantheses dpgaspar
Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware... Critical Unreviewed
CVE-2024-22245 was published Feb 20, 2024
Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication... Critical Unreviewed
CVE-2024-20738 was published Feb 15, 2024
Microsoft Exchange Server Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21410 was published Feb 13, 2024
ProTip! Advisories are also available from the GraphQL API