GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,188 advisories
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication...
Critical | Unreviewed | CVE-2024-1147 was published Mar 21, 2024

An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker...
High | Unreviewed | CVE-2024-28735 was published Mar 20, 2024

CWE-287: Improper Authentication may allow Authentication Bypass
Critical | Unreviewed | CVE-2024-27767 was published Mar 18, 2024

Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before...
High | Unreviewed | CVE-2024-2450 was published Mar 15, 2024

Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and...
High | Unreviewed | CVE-2023-38534 was published Mar 14, 2024

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in...
Critical | Unreviewed | CVE-2024-0799 was published Mar 13, 2024

Windows Kerberos Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2024-21427 was published Mar 12, 2024

Microsoft Authenticator Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-21390 was published Mar 12, 2024

An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions...
High | Unreviewed | CVE-2023-46717 was published Mar 12, 2024

An improper authentication vulnerability has been reported to affect several QNAP operating...
Critical | Unreviewed | CVE-2024-21899 was published Mar 8, 2024

An authentication issue was addressed with improved state management. This issue is fixed in...
Critical | Unreviewed | CVE-2024-23255 was published Mar 8, 2024

IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow a...
Moderate | Unreviewed | CVE-2023-46172 was published Mar 7, 2024

JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are...
Critical | Unreviewed | CVE-2023-42662 was published Mar 7, 2024

A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an...
Moderate | Unreviewed | CVE-2024-20301 was published Mar 6, 2024

An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication...
Moderate | Unreviewed | CVE-2023-38372 was published Feb 29, 2024

Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office...
Moderate | Unreviewed | CVE-2024-22395 was published Feb 24, 2024

A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and...
High | Unreviewed | CVE-2024-1817 was published Feb 23, 2024

The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a...
Moderate | Unreviewed | CVE-2023-52160 was published Feb 22, 2024

The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)...
High | Unreviewed | CVE-2023-52161 was published Feb 22, 2024

Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware...
Critical | Unreviewed | CVE-2024-22245 was published Feb 20, 2024

IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local...
High | Unreviewed | CVE-2022-41737 was published Feb 17, 2024

IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow an...
High | Unreviewed | CVE-2022-41738 was published Feb 17, 2024

Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows...
High | Unreviewed | CVE-2023-6451 was published Feb 16, 2024

Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication...
Critical | Unreviewed | CVE-2024-20738 was published Feb 15, 2024

CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of...
High | Unreviewed | CVE-2024-0568 was published Feb 14, 2024
ProTip! Advisories are also available from the GraphQL API.