GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
873 advisories
Filter by severity
pREST vulnerable to jwt bypass + sql injection
Critical
GHSA-wm25-j4gw-6vr3
was published
for
github.com/prest/prest
(Go)
Jul 30, 2024
An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access...
Critical
Unreviewed
CVE-2024-7395
was published
Aug 5, 2024
An insufficient authorization vulnerability in web component of EPMM prior to 12.1.0.1 allows an...
Critical
Unreviewed
CVE-2024-36130
was published
Aug 7, 2024
Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator...
Critical
Unreviewed
CVE-2024-7746
was published
Aug 13, 2024
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1...
Critical
Unreviewed
CVE-2024-7593
was published
Aug 13, 2024
Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows...
Critical
Unreviewed
CVE-2024-42462
was published
Aug 16, 2024
An authentication bypass vulnerability has been identified in Foreman when deployed with External...
Critical
Unreviewed
CVE-2024-7012
was published
Sep 4, 2024
An authentication bypass vulnerability has been identified in Pulpcore when deployed with...
Critical
Unreviewed
CVE-2024-7923
was published
Sep 4, 2024
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.
Critical
Unreviewed
CVE-2023-37226
was published
Sep 10, 2024
CVE-2024-45823 IMPACT
An
authentication bypass vulnerability exists in the affected product....
Critical
Unreviewed
CVE-2024-45823
was published
Sep 12, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication...
Critical
Unreviewed
CVE-2024-8956
was published
Sep 17, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An...
Critical
Unreviewed
CVE-2024-34399
was published
Sep 18, 2024
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows bypassing authentication.
Critical
Unreviewed
CVE-2024-47218
was published
Sep 22, 2024
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account...
Critical
Unreviewed
CVE-2024-0002
was published
Sep 23, 2024
Jenkins OpenId Connect Authentication Plugin lacks audience claim validation
Critical
CVE-2024-47806
was published
for
org.jenkins-ci.plugins:oic-auth
(Maven)
Oct 2, 2024
Jenkins OpenId Connect Authentication Plugin lacks issuer claim validation
Critical
CVE-2024-47807
was published
for
org.jenkins-ci.plugins:oic-auth
(Maven)
Oct 2, 2024
A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only...
Critical
Unreviewed
CVE-2024-41798
was published
Oct 8, 2024
Windows Netlogon Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-38124
was published
Oct 8, 2024
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an...
Critical
Unreviewed
CVE-2024-45115
was published
Oct 10, 2024
The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in...
Critical
Unreviewed
CVE-2020-36832
was published
Oct 16, 2024
Improper Authentication vulnerability in Apache Solr
Critical
CVE-2024-45216
was published
for
org.apache.solr:solr
(Maven)
Oct 16, 2024
In WhatsUp Gold versions released before 2024.0.0,
an Authentication Bypass issue exists which...
Critical
Unreviewed
CVE-2024-7763
was published
Oct 24, 2024
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless...
Critical
Unreviewed
CVE-2024-50478
was published
Oct 28, 2024
ProTip!
Advisories are also available from the
GraphQL API