GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,162
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
84 advisories
Filter by severity
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in...
Critical
Unreviewed
CVE-2024-7503
was published
Aug 12, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom...
Critical
Unreviewed
CVE-2024-6684
was published
Aug 12, 2024
The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for...
Critical
Unreviewed
CVE-2024-7350
was published
Aug 8, 2024
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
Critical
Unreviewed
CVE-2024-38437
was published
Jul 21, 2024
The N-central server is vulnerable to session rebinding of already authenticated users when using...
Critical
Unreviewed
CVE-2024-5322
was published
Jul 1, 2024
The N-central server is vulnerable to an authentication bypass of the user interface. This...
Critical
Unreviewed
CVE-2024-28200
was published
Jul 1, 2024
An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks...
Critical
Unreviewed
CVE-2024-2973
was published
Jun 27, 2024
An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2023-37057
was published
Jun 17, 2024
vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway that if exploited an attacker...
Critical
Unreviewed
CVE-2024-2012
was published
Jun 11, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /
API Gateway...
Critical
Unreviewed
CVE-2024-2013
was published
Jun 11, 2024
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise...
Critical
Unreviewed
CVE-2024-29849
was published
May 23, 2024
In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by...
Critical
Unreviewed
CVE-2024-34524
was published
May 6, 2024
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an...
Critical
Unreviewed
CVE-2023-49231
was published
Mar 29, 2024
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management...
Critical
Unreviewed
CVE-2024-2055
was published
Mar 5, 2024
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions...
Critical
Unreviewed
CVE-2024-27198
was published
Mar 4, 2024
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an...
Critical
Unreviewed
CVE-2024-1709
was published
Feb 21, 2024
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
Critical
Unreviewed
CVE-2024-23917
was published
Feb 6, 2024
An authentication bypass vulnerability has been found in Repox, which allows a remote user to...
Critical
Unreviewed
CVE-2023-6718
was published
Dec 13, 2023
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet...
Critical
Unreviewed
CVE-2023-42770
was published
Nov 21, 2023
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege...
Critical
Unreviewed
CVE-2023-3277
was published
Nov 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an...
Critical
Unreviewed
CVE-2023-41351
was published
Nov 3, 2023
Undisclosed requests may bypass configuration utility authentication, allowing an attacker...
Critical
Unreviewed
CVE-2023-46747
was published
Oct 26, 2023
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius...
Critical
Unreviewed
CVE-2023-39930
was published
Oct 25, 2023
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server...
Critical
Unreviewed
CVE-2023-42793
was published
Sep 19, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas...
Critical
Unreviewed
CVE-2023-4702
was published
Sep 14, 2023
ProTip!
Advisories are also available from the
GraphQL API