GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
783 advisories
The N-central server is vulnerable to an authentication bypass of the user interface. This...
Critical · Unreviewed · CVE-2024-28200 was published Jul 1, 2024
Improper Authentication vulnerability in Progress MOVEit Gateway (SFTP modules) allows...
Critical · Unreviewed · CVE-2024-5805 was published Jun 25, 2024
The Lifeline Donation plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical · Unreviewed · CVE-2024-5432 was published Jun 20, 2024
Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024...
Critical · Unreviewed · CVE-2024-6057 was published Jun 17, 2024
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated...
Critical · Unreviewed · CVE-2024-3080 was published Jun 14, 2024
HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass.
Critical · Unreviewed · CVE-2024-22441 was published Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an...
Critical · Unreviewed · CVE-2024-30299 was published Jun 13, 2024
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application...
Critical · Unreviewed · CVE-2024-36266 was published Jun 11, 2024
Northern.tech Mender Enterprise before 3.6.4 and 3.7.x before 3.7.4 has Weak Authentication.
Critical · Unreviewed · CVE-2024-37019 was published Jun 3, 2024
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the...
Critical · Unreviewed · CVE-2023-43551 was published Jun 3, 2024
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise...
Critical · Unreviewed · CVE-2024-29849 was published May 23, 2024
YMS VIS Pro is an information system for veterinary and food administration, veterinarians and...
Critical · Unreviewed · CVE-2024-3263 was published May 14, 2024
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Permission Bypass via the getcfg...
Critical · Unreviewed · CVE-2024-33110 was published May 6, 2024
NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass...
Critical · Unreviewed · CVE-2023-38096 was published May 3, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege...
Critical · Unreviewed · CVE-2023-51478 was published Apr 25, 2024
Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows...
Critical · Unreviewed · CVE-2023-51484 was published Apr 25, 2024
Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing...
Critical · Unreviewed · CVE-2023-51482 was published Apr 25, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege...
Critical · Unreviewed · CVE-2023-51472 was published Apr 24, 2024
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing...
Critical · Unreviewed · CVE-2023-51477 was published Apr 24, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an...
Critical · Unreviewed · CVE-2024-3701 was published Apr 15, 2024
In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can...
Critical · Unreviewed · CVE-2023-44039 was published Apr 3, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Critical · Unreviewed · CVE-2024-28009 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Critical · Unreviewed · CVE-2024-28012 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Critical · Unreviewed · CVE-2024-28007 was published Mar 28, 2024
In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and...
Critical · Unreviewed · CVE-2023-31634 was published Mar 27, 2024
ProTip! Advisories are also available from the GraphQL API.