GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,354

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,146 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an... Moderate Unreviewed

CVE-2024-11209 was published Nov 14, 2024

Windows Task Scheduler Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-49039 was published Nov 12, 2024

A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed

CVE-2024-10963 was published Nov 7, 2024

The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress... High Unreviewed

CVE-2024-9946 was published Nov 6, 2024

The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed

CVE-2024-10020 was published Nov 6, 2024

An authentication bypass vulnerability has been identified in Foreman when deployed with External... Critical Unreviewed

CVE-2024-7012 was published Sep 4, 2024

Waybox Enel X web management API authentication could be bypassed and provide administrator’s... High Unreviewed

CVE-2023-29117 was published Nov 5, 2024

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed

CVE-2024-10114 was published Nov 5, 2024

The Loginizer Security and Loginizer plugins for WordPress are vulnerable to authentication... High Unreviewed

CVE-2024-10097 was published Nov 5, 2024

A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-10620 was published Nov 1, 2024

Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless... Critical Unreviewed

CVE-2024-50478 was published Oct 28, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions... High Unreviewed

CVE-2023-39981 was published Sep 2, 2023

TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication... High Unreviewed

CVE-2023-33237 was published Aug 17, 2023

In WhatsUp Gold versions released before 2024.0.0, an Authentication Bypass issue exists which... Critical Unreviewed

CVE-2024-7763 was published Oct 24, 2024

A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows... High Unreviewed

CVE-2024-10327 was published Oct 24, 2024

The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions... High Unreviewed

CVE-2024-9947 was published Oct 23, 2024

The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via... High Unreviewed

CVE-2024-9927 was published Oct 23, 2024

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-10173 was published Oct 20, 2024

An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An... Critical Unreviewed

CVE-2024-23629 was published Jan 26, 2024

Improper Authentication vulnerability in Microchip TimeProvider 4100 (login modules) allows... High Unreviewed

CVE-2024-43685 was published Oct 4, 2024

The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in... Critical Unreviewed

CVE-2020-36832 was published Oct 16, 2024

Improper authentication in Microsoft Dataverse allows an authorized attacker to elevate... High Unreviewed

CVE-2024-38139 was published Oct 16, 2024

An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two... High Unreviewed

CVE-2022-30550 was published Jul 18, 2022

An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server... Moderate Unreviewed

CVE-2023-22644 was published Sep 20, 2023

Previous 1 2 3 4 5 … 125 126 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,146 advisories