GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,794

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

187 advisories

Filter by severity

Sort by

Least recently updated

parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over... High Unreviewed

CVE-2024-1646 was published Apr 16, 2024

TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login... High Unreviewed

CVE-2024-31814 was published Apr 8, 2024

An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an... Critical Unreviewed

CVE-2023-49231 was published Mar 29, 2024

An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the... High Unreviewed

CVE-2024-26566 was published Mar 7, 2024

Services that are running and bound to the loopback interface on the Artica Proxy are accessible... Unknown Unreviewed

CVE-2024-2056 was published Mar 5, 2024

The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management... Critical Unreviewed

CVE-2024-2055 was published Mar 5, 2024

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions... Critical Unreviewed

CVE-2024-27198 was published Mar 4, 2024

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16... Moderate Unreviewed

CVE-2024-1525 was published Feb 22, 2024

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an... Critical Unreviewed

CVE-2024-1709 was published Feb 21, 2024

In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible Critical Unreviewed

CVE-2024-23917 was published Feb 6, 2024

An authentication bypass vulnerability has been found in Repox, which allows a remote user to... Critical Unreviewed

CVE-2023-6718 was published Dec 13, 2023

Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet... Critical Unreviewed

CVE-2023-42770 was published Nov 21, 2023

The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege... Critical Unreviewed

CVE-2023-3277 was published Nov 3, 2023

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an... Critical Unreviewed

CVE-2023-41351 was published Nov 3, 2023

A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed

CVE-2023-20247 was published Nov 1, 2023

Undisclosed requests may bypass configuration utility authentication, allowing an attacker... Critical Unreviewed

CVE-2023-46747 was published Oct 26, 2023

A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius... Critical Unreviewed

CVE-2023-39930 was published Oct 25, 2023

PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring... Moderate Unreviewed

CVE-2023-39231 was published Oct 25, 2023

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to... High Unreviewed

CVE-2023-43045 was published Oct 23, 2023

WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive... High Unreviewed

CVE-2023-46319 was published Oct 23, 2023

The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2021-4353 was published Oct 20, 2023

A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi... Moderate Unreviewed

CVE-2023-4957 was published Oct 11, 2023

Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310... High Unreviewed

CVE-2023-42771 was published Oct 3, 2023

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed

CVE-2023-42793 was published Sep 19, 2023

Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas... Critical Unreviewed

CVE-2023-4702 was published Sep 14, 2023

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

187 advisories