GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,161
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
164 advisories
Filter by severity
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2024-9822
was published
Oct 11, 2024
The WP Users Masquerade plugin for WordPress is vulnerable to authentication bypass in versions...
High
Unreviewed
CVE-2024-9522
was published
Oct 10, 2024
The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-8943
was published
Oct 8, 2024
The web server of affected devices do not properly authenticate user request to the '/ClientArea...
Moderate
Unreviewed
CVE-2024-46887
was published
Oct 8, 2024
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2024-9289
was published
Oct 1, 2024
The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions...
Critical
Unreviewed
CVE-2024-9106
was published
Oct 1, 2024
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High
Unreviewed
CVE-2024-7781
was published
Sep 26, 2024
An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full...
Critical
Unreviewed
CVE-2024-43692
was published
Sep 25, 2024
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass...
Critical
Unreviewed
CVE-2024-8277
was published
Sep 11, 2024
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication...
High
Unreviewed
CVE-2024-41173
was published
Aug 27, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects...
High
Unreviewed
CVE-2024-7125
was published
Aug 27, 2024
IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive...
Moderate
Unreviewed
CVE-2024-35151
was published
Aug 22, 2024
A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for...
High
Unreviewed
CVE-2024-35214
was published
Aug 20, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-7628
was published
Aug 15, 2024
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00...
High
Unreviewed
CVE-2024-35124
was published
Aug 13, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in...
Critical
Unreviewed
CVE-2024-7503
was published
Aug 12, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom...
Critical
Unreviewed
CVE-2024-6684
was published
Aug 12, 2024
The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for...
Critical
Unreviewed
CVE-2024-7350
was published
Aug 8, 2024
Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass...
High
Unreviewed
CVE-2024-7007
was published
Jul 25, 2024
The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in...
High
Unreviewed
CVE-2024-7027
was published
Jul 24, 2024
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
Critical
Unreviewed
CVE-2024-38437
was published
Jul 21, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in...
High
Unreviewed
CVE-2024-6635
was published
Jul 20, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics...
Moderate
Unreviewed
CVE-2024-5620
was published
Jul 18, 2024
The N-central server is vulnerable to session rebinding of already authenticated users when using...
Critical
Unreviewed
CVE-2024-5322
was published
Jul 1, 2024
ProTip!
Advisories are also available from the
GraphQL API