GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,162
Erlang
30
GitHub Actions
19
Go
1,966
Maven
5,000+
npm
3,694
NuGet
653
pip
3,311
Pub
11
RubyGems
881
Rust
831
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
84 advisories
Filter by severity
Even if the authentication fails for local service authentication, the requested command could...
Critical
Unreviewed
CVE-2022-46732
was published
Jan 18, 2023
The impacted products, when configured to use SSO, are affected by an improper authentication...
Critical
Unreviewed
CVE-2021-43935
was published
Dec 16, 2021
Delta Electronics DIAEnergie Version 1.7.5 and prior may allow an attacker to add a new...
Critical
Unreviewed
CVE-2021-32967
was published
May 24, 2022
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical
Unreviewed
CVE-2022-35869
was published
Jul 26, 2022
ECOA BAS controller suffers from an authentication bypass vulnerability. An unauthenticated...
Critical
Unreviewed
CVE-2021-41292
was published
May 24, 2022
Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an...
Critical
Unreviewed
CVE-2021-36308
was published
May 24, 2022
Mesa Labs AmegaView Versions 3.0 uses default cookies that could be set to bypass authentication...
Critical
Unreviewed
CVE-2021-27453
was published
Dec 22, 2021
An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any...
Critical
Unreviewed
CVE-2021-43985
was published
Dec 24, 2021
This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical
Unreviewed
CVE-2022-24047
was published
Feb 19, 2022
SQL injection and file upload attacks are possible due to insufficient validation of input values...
Critical
Unreviewed
CVE-2021-26634
was published
Jun 3, 2022
Unauthorized access to Gateway user capabilities
Critical
Unreviewed
CVE-2022-27510
was published
Nov 9, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows...
Critical
Unreviewed
CVE-2022-0992
was published
Apr 20, 2022
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege...
Critical
Unreviewed
CVE-2023-3277
was published
Nov 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an...
Critical
Unreviewed
CVE-2023-41351
was published
Nov 3, 2023
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet...
Critical
Unreviewed
CVE-2023-42770
was published
Nov 21, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas...
Critical
Unreviewed
CVE-2023-4702
was published
Sep 14, 2023
An authentication bypass vulnerability has been found in Repox, which allows a remote user to...
Critical
Unreviewed
CVE-2023-6718
was published
Dec 13, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)...
Critical
Unreviewed
CVE-2023-20269
was published
Sep 6, 2023
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
Critical
Unreviewed
CVE-2024-23917
was published
Feb 6, 2024
Undisclosed requests may bypass configuration utility authentication, allowing an attacker...
Critical
Unreviewed
CVE-2023-46747
was published
Oct 26, 2023
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an...
Critical
Unreviewed
CVE-2024-1709
was published
Feb 21, 2024
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions...
Critical
Unreviewed
CVE-2024-27198
was published
Mar 4, 2024
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability....
Critical
Unreviewed
CVE-2019-3758
was published
May 24, 2022
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in...
Critical
Unreviewed
CVE-2023-2027
was published
Apr 15, 2023
The RegistrationMagic plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2023-2499
was published
May 16, 2023
ProTip!
Advisories are also available from the
GraphQL API