GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,414 advisories
Filter by severity
IBM i 7.2, 7.3, 7.4, and 7.5 contains a local privilege escalation vulnerability caused by an...
High
Unreviewed
CVE-2024-27275
was published
Jun 15, 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12....
High
Unreviewed
CVE-2024-37367
was published
Jun 14, 2024
Magento Open Source Improper Authentication vulnerability
High
CVE-2024-34103
was published
for
magento/community-edition
(Composer)
Jun 13, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-35248
was published
Jun 11, 2024
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be...
High
Unreviewed
CVE-2024-37408
was published
Jun 8, 2024
ZendOpenID potential security issue in login mechanism
High
GHSA-3x57-m5p4-rgh4
was published
for
zendframework/zendopenid
(Composer)
Jun 7, 2024
Zendframework potential security issue in login mechanism
High
GHSA-9v78-h226-2rmq
was published
for
zendframework/zendframework1
(Composer)
Jun 7, 2024
TYPO3 Security Misconfiguration for Backend User Accounts
High
GHSA-c5mj-39cf-3pp5
was published
for
typo3/cms
(Composer)
Jun 7, 2024
A vulnerability was found in Clash up to 0.20.1 on Windows. It has been declared as critical....
High
Unreviewed
CVE-2024-5732
was published
Jun 7, 2024
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing...
High
Unreviewed
CVE-2023-46630
was published
Jun 4, 2024
TYPO3 Security Misconfiguration for Backend User Accounts
High
GHSA-rxc9-f2x6-qh4w
was published
for
typo3/cms-core
(Composer)
May 30, 2024
TYPO3 CMS Authentication Bypass vulnerability
High
GHSA-x4rj-f7m6-42c3
was published
for
typo3/cms-core
(Composer)
May 30, 2024
Thelia authentication bypass vulnerability
High
GHSA-g8pg-33v4-9r96
was published
for
thelia/thelia
(Composer)
May 30, 2024
scheb/two-factor-bundle bypass two-factor authentication with remember-me option
High
GHSA-9phw-7h96-q3rv
was published
for
scheb/two-factor-bundle
(Composer)
May 21, 2024
scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token
High
GHSA-h6mp-mc7g-mg49
was published
for
scheb/two-factor-bundle
(Composer)
May 21, 2024
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects...
High
Unreviewed
CVE-2023-41956
was published
May 17, 2024
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows...
High
Unreviewed
CVE-2024-4129
was published
May 14, 2024
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its...
High
Unreviewed
CVE-2020-18305
was published
May 14, 2024
ReCrystallize Server 5.10.0.0 uses a authorization mechanism that relies on the value of a cookie...
High
Unreviewed
CVE-2024-26331
was published
Apr 30, 2024
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly...
High
Unreviewed
CVE-2024-4303
was published
Apr 29, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9...
High
Unreviewed
CVE-2024-4024
was published
Apr 25, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing...
High
Unreviewed
CVE-2023-51471
was published
Apr 24, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing...
High
Unreviewed
CVE-2023-47504
was published
Apr 24, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri...
High
Unreviewed
CVE-2024-25699
was published
Apr 4, 2024
An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker...
High
Unreviewed
CVE-2024-28735
was published
Mar 20, 2024
ProTip!
Advisories are also available from the
GraphQL API