Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,360 advisories

Loading
In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication... High Unreviewed
CVE-2024-5012 was published Jun 25, 2024
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to... High Unreviewed
CVE-2024-5806 was published Jun 25, 2024
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider High
CVE-2023-22650 was published for github.com/rancher/rancher (Go) Jun 17, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... High Unreviewed
CVE-2024-34103 was published Jun 13, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-35248 was published Jun 11, 2024
ZendOpenID potential security issue in login mechanism High
GHSA-3x57-m5p4-rgh4 was published for zendframework/zendopenid (Composer) Jun 7, 2024
Zendframework potential security issue in login mechanism High
GHSA-9v78-h226-2rmq was published for zendframework/zendframework1 (Composer) Jun 7, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-c5mj-39cf-3pp5 was published for typo3/cms (Composer) Jun 7, 2024
A vulnerability was found in Clash up to 0.20.1 on Windows. It has been declared as critical.... High Unreviewed
CVE-2024-5732 was published Jun 7, 2024
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing... High Unreviewed
CVE-2023-46630 was published Jun 4, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-rxc9-f2x6-qh4w was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 CMS Authentication Bypass vulnerability High
GHSA-x4rj-f7m6-42c3 was published for typo3/cms-core (Composer) May 30, 2024
Thelia authentication bypass vulnerability High
GHSA-g8pg-33v4-9r96 was published for thelia/thelia (Composer) May 30, 2024
scheb/two-factor-bundle bypass two-factor authentication with remember-me option High
GHSA-9phw-7h96-q3rv was published for scheb/two-factor-bundle (Composer) May 21, 2024
scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token High
GHSA-h6mp-mc7g-mg49 was published for scheb/two-factor-bundle (Composer) May 21, 2024
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects... High Unreviewed
CVE-2023-41956 was published May 17, 2024
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows... High Unreviewed
CVE-2024-4129 was published May 14, 2024
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly... High Unreviewed
CVE-2024-4303 was published Apr 29, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9... High Unreviewed
CVE-2024-4024 was published Apr 25, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing... High Unreviewed
CVE-2023-47504 was published Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing... High Unreviewed
CVE-2023-51471 was published Apr 24, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
Erroneous authentication pass in Spring Security High
CVE-2024-22257 was published for org.springframework.security:spring-security-core (Maven) Mar 18, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and... High Unreviewed
CVE-2023-38534 was published Mar 14, 2024
ProTip! Advisories are also available from the GraphQL API