Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

207 advisories

Loading
Use of static encryption key material allows forging an authentication token to other users... High Unreviewed
CVE-2022-23724 was published May 5, 2022
SQL injection and file upload attacks are possible due to insufficient validation of input values... Critical Unreviewed
CVE-2021-26634 was published Jun 3, 2022
PingID Windows Login prior to 2.8 does not properly set permissions on the Windows Registry... Moderate Unreviewed
CVE-2022-23725 was published Jul 1, 2022
A flaw was found in Samba. The security vulnerability occurs when KDC and the kpasswd service... High Unreviewed
CVE-2022-2031 was published Aug 26, 2022
Unauthorized access to Gateway user capabilities Critical Unreviewed
CVE-2022-27510 was published Nov 9, 2022
The SiteGround Security plugin for WordPress is vulnerable to authentication bypass that allows... Critical Unreviewed
CVE-2022-0992 was published Apr 20, 2022
A vulnerability in the social login configuration option for the guest users of Cisco Business... Moderate Unreviewed
CVE-2023-20003 was published May 18, 2023
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege... Critical Unreviewed
CVE-2023-3277 was published Nov 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an... Critical Unreviewed
CVE-2023-41351 was published Nov 3, 2023
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet... Critical Unreviewed
CVE-2023-42770 was published Nov 21, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas... Critical Unreviewed
CVE-2023-4702 was published Sep 14, 2023
Devise Gem for Ruby Unauthorized Access Using "Remember Me" Cookie High
CVE-2015-8314 was published for devise (RubyGems) Jan 26, 2023
An authentication bypass vulnerability has been found in Repox, which allows a remote user to... Critical Unreviewed
CVE-2023-6718 was published Dec 13, 2023
Moodle Authentication Bypass in Question-Bank Moderate
CVE-2012-2356 was published for moodle/moodle (Composer) May 13, 2022
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
A vulnerability in the web-based management interface of Cisco IP Phone 7800 and 8800 Series... Moderate Unreviewed
CVE-2023-20018 was published Jan 20, 2023
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2023-20247 was published Nov 1, 2023
Authentication bypass in SilverStripe GraphQL Moderate
CVE-2020-26136 was published for silverstripe/graphql (Composer) Jun 10, 2021
G-Rath
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible Critical Unreviewed
CVE-2024-23917 was published Feb 6, 2024
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an... Critical Unreviewed
CVE-2024-1709 was published Feb 21, 2024
Services that are running and bound to the loopback interface on the Artica Proxy are accessible... Unknown Unreviewed
CVE-2024-2056 was published Mar 5, 2024
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions... Critical Unreviewed
CVE-2024-27198 was published Mar 4, 2024
Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0 is vulnerable to... High Unreviewed
CVE-2019-13526 was published May 24, 2022
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability.... Critical Unreviewed
CVE-2019-3758 was published May 24, 2022
The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2023-2027 was published Apr 15, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database