GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
71 advisories
Filter by severity
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in all...
Critical
Unreviewed
CVE-2024-9893
was published
Oct 16, 2024
: Authentication Bypass Using an Alternate Path or Channel vulnerability in sooskriszta, webforza...
Critical
Unreviewed
CVE-2024-49247
was published
Oct 16, 2024
The UltimateAI plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-9105
was published
Oct 16, 2024
The Pedalo Connector plugin for WordPress is vulnerable to authentication bypass in versions up...
Critical
Unreviewed
CVE-2024-9822
was published
Oct 11, 2024
The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2024-8943
was published
Oct 8, 2024
The use of `Module._load()` can bypass the policy mechanism and require modules outside of the...
Critical
Unreviewed
CVE-2023-32002
was published
Aug 21, 2023
The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2024-9289
was published
Oct 1, 2024
The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions...
Critical
Unreviewed
CVE-2024-9106
was published
Oct 1, 2024
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass...
Critical
Unreviewed
CVE-2024-8277
was published
Sep 11, 2024
A remote authentication bypass issue exists in some
OneView APIs.
Critical
Unreviewed
CVE-2023-30909
was published
Sep 14, 2023
An attacker can directly request the ProGauge MAGLINK LX CONSOLE
resource sub page with full...
Critical
Unreviewed
CVE-2024-43692
was published
Sep 25, 2024
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel
Critical
Unreviewed
CVE-2024-38437
was published
Jul 21, 2024
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an...
Critical
Unreviewed
CVE-2023-49231
was published
Mar 29, 2024
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management...
Critical
Unreviewed
CVE-2024-2055
was published
Mar 5, 2024
The N-central server is vulnerable to an authentication bypass of the user interface. This...
Critical
Unreviewed
CVE-2024-28200
was published
Jul 1, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server /
API Gateway...
Critical
Unreviewed
CVE-2024-2013
was published
Jun 11, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in...
Critical
Unreviewed
CVE-2024-7503
was published
Aug 12, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom...
Critical
Unreviewed
CVE-2024-6684
was published
Aug 12, 2024
The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for...
Critical
Unreviewed
CVE-2024-7350
was published
Aug 8, 2024
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote...
Critical
Unreviewed
CVE-2020-10148
was published
May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07...
Critical
Unreviewed
CVE-2023-36091
was published
Jul 31, 2023
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise...
Critical
Unreviewed
CVE-2024-29849
was published
May 23, 2024
Silverpeas authentication bypass
Critical
CVE-2024-36042
was published
for
org.silverpeas.core:silverpeas-core
(Maven)
Jun 3, 2024
An issue in JLINK Unionman Technology Co. Ltd Jlink AX1800 v.1.0 allows a remote attacker to...
Critical
Unreviewed
CVE-2023-37057
was published
Jun 17, 2024
In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by...
Critical
Unreviewed
CVE-2024-34524
was published
May 6, 2024
ProTip!
Advisories are also available from the
GraphQL API