Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,434
Erlang
29
GitHub Actions
16
Go
1,660
Maven
4,922
npm
3,450
NuGet
594
pip
2,840
Pub
10
RubyGems
823
Rust
764
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,360 advisories

NETGEAR ProSAFE Network Management System MyHandlerInterceptor Authentication Bypass... Critical Unreviewed
CVE-2023-38096 was published May 3, 2024
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly... High Unreviewed
CVE-2024-4303 was published Apr 29, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass Moderate
CVE-2024-32868 was published for github.com/zitadel/zitadel (Go) Apr 25, 2024
livio-a Skelmis
itz-d0dgy amit-laish muhlemmer peintnermax
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9... High Unreviewed
CVE-2024-4024 was published Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed
CVE-2024-1347 was published Apr 25, 2024
Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows... Critical Unreviewed
CVE-2023-51484 was published Apr 25, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing... Critical Unreviewed
CVE-2023-51482 was published Apr 25, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege... Critical Unreviewed
CVE-2023-51472 was published Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing... High Unreviewed
CVE-2023-51471 was published Apr 24, 2024
Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing... Moderate Unreviewed
CVE-2023-51405 was published Apr 24, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing... High Unreviewed
CVE-2023-47504 was published Apr 24, 2024
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing... Critical Unreviewed
CVE-2023-51477 was published Apr 24, 2024
Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site... Moderate Unreviewed
CVE-2023-25790 was published Apr 24, 2024
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Keycloak vulnerable to session hijacking via re-authentication Moderate
CVE-2023-6787 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Keycloak secondary factor bypass in step-up authentication Moderate
CVE-2023-3597 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
sschu jbman
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart... Moderate Unreviewed
CVE-2023-25493 was published Apr 5, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed
CVE-2024-28012 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed
CVE-2024-28009 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed
CVE-2024-28006 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Unknown Unreviewed
CVE-2024-28007 was published Mar 28, 2024
REST service authentication anomaly with “valid username/no password” credential combination for... Moderate Unreviewed
CVE-2024-2244 was published Mar 27, 2024
A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A... Critical Unreviewed
CVE-2024-2873 was published Mar 26, 2024
ProTip! Advisories are also available from the GraphQL API