Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

208 advisories

Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System ... Moderate Unreviewed
CVE-2024-20363 was published May 22, 2024
Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows... Moderate Unreviewed
CVE-2024-32786 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality... Low Unreviewed
CVE-2024-32708 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows... Moderate Unreviewed
CVE-2024-32827 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows... Moderate Unreviewed
CVE-2024-33917 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality... Moderate Unreviewed
CVE-2024-21746 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Filipe Seabra WordPress Manutenção allows... Low Unreviewed
CVE-2024-22139 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows... Moderate Unreviewed
CVE-2024-30479 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter... Moderate Unreviewed
CVE-2024-30522 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows... Moderate Unreviewed
CVE-2024-25595 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows... Moderate Unreviewed
CVE-2024-25906 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows... Low Unreviewed
CVE-2024-30480 was published May 17, 2024
Grafana Escalation from admin to server admin when auth proxy is used Moderate
CVE-2022-35957 was published for github.com/grafana/grafana (Go) May 14, 2024
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled High
CVE-2024-32977 was published for OctoPrint (pip) May 14, 2024
jacopotediosi
TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-50224 was published May 3, 2024
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-44447 was published May 3, 2024
Apache HugeGraph-Server: Bypass whitelist in Auth mode High
CVE-2024-27349 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Apache Zeppelin: Replacing other users notebook, bypassing any permissions Moderate
CVE-2024-31863 was published for org.apache.zeppelin:zeppelin-server (Maven) Apr 9, 2024
A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),... Moderate Unreviewed
CVE-2024-30189 was published Apr 9, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... Moderate Unreviewed
CVE-2024-30190 was published Apr 9, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748... High Unreviewed
CVE-2024-30191 was published Apr 9, 2024
Ollama DNS rebinding vulnerability High
CVE-2024-28224 was published for github.com/ollama/ollama (Go) Apr 8, 2024
By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it... Unknown Unreviewed
CVE-2024-29006 was published Apr 4, 2024
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification... High Unreviewed
CVE-2024-22092 was published Apr 2, 2024
ProTip! Advisories are also available from the GraphQL API