GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
60 advisories
Filter by severity
Authentication Bypass Using an Alternate Path or Channel and Authentication Bypass by Primary Weakness in rucio-webui
High
GHSA-v988-828w-xvf2
was published
for
rucio-webui
(pip)
Oct 22, 2021
Authentication Bypass by CSRF Weakness
Critical
GHSA-5629-8855-gf4g
was published
for
solidus_core
(RubyGems)
Nov 18, 2021
Authentication Bypass in ADOdb/ADOdb
Critical
CVE-2021-3850
was published
for
adodb/adodb-php
(Composer)
Jan 27, 2022
Keycloak Gatekeeper vulnerable to bypass on using lower case HTTP headers
High
CVE-2020-14359
was published
for
github.com/keycloak/keycloak-gatekeeper
(Go)
Feb 9, 2022
Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server
High
CVE-2021-21403
was published
for
github.com/kongchuanhujiao/server
(Go)
Feb 15, 2022
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets...
Critical
Unreviewed
CVE-2021-45031
was published
Mar 31, 2022
Keycloak Authentication Error
High
CVE-2019-14909
was published
for
org.keycloak:keycloak-parent
(Maven)
May 24, 2022
A vulnerability has been identified in SIMATIC HMI United Comfort Panels (All versions). Affected...
High
Unreviewed
CVE-2020-15787
was published
May 24, 2022
A flaw was found in Samba, all versions starting samba 4.5.0 until samba 4.9.15, samba 4.10.10,...
Moderate
Unreviewed
CVE-2019-14833
was published
May 24, 2022
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to...
Critical
Unreviewed
CVE-2022-2651
was published
Aug 5, 2022
Cockpit Content Platform vulnerable to 2FA bypass
High
CVE-2022-2818
was published
for
cockpit-hq/cockpit
(Composer)
Aug 16, 2022
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3.
Critical
Unreviewed
CVE-2022-3993
was published
Nov 14, 2022
rdiffweb vulnerable to Authentication Bypass by Primary Weakness
High
CVE-2022-4722
was published
for
rdiffweb
(pip)
Dec 27, 2022
golang-nanoauth authentication bypass vulnerability
Critical
CVE-2020-36569
was published
for
github.com/nanobox-io/golang-nanoauth
(Go)
Dec 28, 2022
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass...
Moderate
Unreviewed
CVE-2022-3100
was published
Jan 18, 2023
Authentication Bypass in modoboa
Critical
CVE-2023-0777
was published
for
modoboa
(pip)
Feb 10, 2023
Froxlor is vulnerable to authentication bypass
Critical
CVE-2023-1307
was published
for
froxlor/froxlor
(Composer)
Mar 10, 2023
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature...
Critical
Unreviewed
CVE-2023-27536
was published
Mar 30, 2023
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse...
High
Unreviewed
CVE-2023-27535
was published
Mar 30, 2023
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously...
Moderate
Unreviewed
CVE-2023-27538
was published
Mar 30, 2023
Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router...
Critical
Unreviewed
CVE-2023-1833
was published
Apr 14, 2023
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID...
Moderate
Unreviewed
CVE-2022-40723
was published
Apr 25, 2023
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could...
Moderate
Unreviewed
CVE-2023-28126
was published
May 10, 2023
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks,...
Critical
Unreviewed
CVE-2023-34124
was published
Jul 13, 2023
ProTip!
Advisories are also available from the
GraphQL API