GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,215
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,555

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,188 advisories

Filter by severity

Sort by

Least recently updated

An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed

CVE-2024-1347 was published Apr 25, 2024

Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed

CVE-2023-51478 was published Apr 25, 2024

Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows... Critical Unreviewed

CVE-2023-51484 was published Apr 25, 2024

Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing... Critical Unreviewed

CVE-2023-51482 was published Apr 25, 2024

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing... High Unreviewed

CVE-2023-51471 was published Apr 24, 2024

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege... Critical Unreviewed

CVE-2023-51472 was published Apr 24, 2024

Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing... Critical Unreviewed

CVE-2023-51477 was published Apr 24, 2024

Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing... High Unreviewed

CVE-2023-47504 was published Apr 24, 2024

Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site... Moderate Unreviewed

CVE-2023-25790 was published Apr 24, 2024

Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing... Moderate Unreviewed

CVE-2023-51405 was published Apr 24, 2024

The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed

CVE-2024-3701 was published Apr 15, 2024

A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart... Moderate Unreviewed

CVE-2023-25493 was published Apr 5, 2024

There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed

CVE-2024-25699 was published Apr 4, 2024

In VeridiumID before 3.5.0, the WebAuthn API allows an internal unauthenticated attacker (who can... Critical Unreviewed

CVE-2023-44039 was published Apr 3, 2024

VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A... Moderate Unreviewed

CVE-2024-22247 was published Apr 2, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28012 was published Mar 28, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28009 was published Mar 28, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed

CVE-2024-28006 was published Mar 28, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28007 was published Mar 28, 2024

In TeslaMate before 1.27.2, there is unauthorized access to port 4000 for remote viewing and... Critical Unreviewed

CVE-2023-31634 was published Mar 27, 2024

REST service authentication anomaly with “valid username/no password” credential combination for... Moderate Unreviewed

CVE-2024-2244 was published Mar 27, 2024

A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A... Critical Unreviewed

CVE-2024-2873 was published Mar 26, 2024

This vulnerability allows remote attackers to reset the password of anonymous users without... Critical Unreviewed

CVE-2024-2862 was published Mar 25, 2024

Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue... Moderate Unreviewed

CVE-2022-44595 was published Mar 21, 2024

Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication... Critical Unreviewed

CVE-2024-1147 was published Mar 21, 2024

Previous 1 2 … 6 7 8 9 10 … 127 128 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,188 advisories