Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

781 advisories

Loading
An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An... Critical Unreviewed
CVE-2024-23629 was published Jan 26, 2024
The Ultimate Membership Pro plugin for WordPress is vulnerable to Authentication Bypass in... Critical Unreviewed
CVE-2020-36832 was published Oct 16, 2024
Hitron Technologies CODA-5310 Telnet function with the default account and password, and there is... Critical Unreviewed
CVE-2023-30603 was published Jul 6, 2023
The login REST API in ProLion CryptoSpike 3.0.15P2 (when LDAP or Active Directory is used as the... Critical Unreviewed
CVE-2023-36655 was published Dec 6, 2023
The authentication mechanism can be bypassed by overflowing the value of the Cookie ... Critical Unreviewed
CVE-2023-49262 was published Jan 12, 2024
Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest... Critical Unreviewed
CVE-2023-4612 was published Nov 9, 2023
Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an... Critical Unreviewed
CVE-2024-45115 was published Oct 10, 2024
Windows Netlogon Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-38124 was published Oct 8, 2024
A vulnerability has been identified in SENTRON 7KM PAC3200 (All versions). Affected devices only... Critical Unreviewed
CVE-2024-41798 was published Oct 8, 2024
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to... Critical Unreviewed
CVE-2022-26136 was published Jul 21, 2022
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows bypassing authentication. Critical Unreviewed
CVE-2024-47218 was published Sep 22, 2024
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account... Critical Unreviewed
CVE-2024-0002 was published Sep 23, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An... Critical Unreviewed
CVE-2024-34399 was published Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication... Critical Unreviewed
CVE-2024-8956 was published Sep 17, 2024
CVE-2024-45823 IMPACT An authentication bypass vulnerability exists in the affected product.... Critical Unreviewed
CVE-2024-45823 was published Sep 12, 2024
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function. Critical Unreviewed
CVE-2023-37226 was published Sep 10, 2024
HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass. Critical Unreviewed
CVE-2024-22441 was published Jun 13, 2024
An authentication bypass vulnerability has been identified in Foreman when deployed with External... Critical Unreviewed
CVE-2024-7012 was published Sep 4, 2024
An authentication bypass vulnerability has been identified in Pulpcore when deployed with... Critical Unreviewed
CVE-2024-7923 was published Sep 4, 2024
Improper authentication in the vault password feature in Devolutions Remote Desktop Manager 2024... Critical Unreviewed
CVE-2024-6057 was published Jun 17, 2024
Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows... Critical Unreviewed
CVE-2024-42462 was published Aug 16, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed
CVE-2024-28012 was published Mar 28, 2024
Use of Default Credentials vulnerability in Tananaev Solutions Traccar Server on Administrator... Critical Unreviewed
CVE-2024-7746 was published Aug 13, 2024
The N-central server is vulnerable to an authentication bypass of the user interface. This... Critical Unreviewed
CVE-2024-28200 was published Jul 1, 2024
The identity authentication bypass vulnerability found in some Dahua products during the login... Critical Unreviewed
CVE-2021-33044 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database