Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+

280 advisories

Loading
Authentication Bypass by Spoofing vulnerability in IP2Location Download IP2Location Country... Moderate Unreviewed
CVE-2023-37865 was published Jun 4, 2024
Multiple Cisco products are affected by a vulnerability in the Snort Intrusion Prevention System ... Moderate Unreviewed
CVE-2024-20363 was published May 22, 2024
Authentication Bypass by Spoofing vulnerability in WP Royal Royal Elementor Addons allows... Moderate Unreviewed
CVE-2024-32786 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality... Low Unreviewed
CVE-2024-32708 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in RafflePress Giveaways and Contests allows... Moderate Unreviewed
CVE-2024-32827 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows... Moderate Unreviewed
CVE-2024-33917 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Filipe Seabra WordPress Manutenção allows... Low Unreviewed
CVE-2024-22139 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows... Low Unreviewed
CVE-2024-30480 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in WPMU DEV Defender Security allows... Moderate Unreviewed
CVE-2024-25595 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Stefano Lissa & The Newsletter Team Newsletter... Moderate Unreviewed
CVE-2024-30522 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in LionScripts IP Blocker Lite allows... Moderate Unreviewed
CVE-2024-30479 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in WP Happy Coders Comments Like Dislike allows... Moderate Unreviewed
CVE-2024-25906 was published May 17, 2024
Authentication Bypass by Spoofing vulnerability in Wpmet Wp Ultimate Review allows Functionality... Moderate Unreviewed
CVE-2024-21746 was published May 17, 2024
Grafana Escalation from admin to server admin when auth proxy is used High
CVE-2022-35957 was published for github.com/grafana/grafana (Go) May 14, 2024
OctoPrint has an Authentication Bypass via X-Forwarded-For Header when autologinLocal is enabled High
CVE-2024-32977 was published for OctoPrint (pip) May 14, 2024
jacopotediosi
An issue was discovered in GNOME GLib before 2.78.5, and 2.79.x and 2.80.x before 2.80.1. When a... Moderate Unreviewed
CVE-2024-34397 was published May 7, 2024
TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-50224 was published May 3, 2024
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-44447 was published May 3, 2024
Jenkins Script Security Plugin sandbox bypass vulnerability High
CVE-2024-34145 was published for org.jenkins-ci.plugins:script-security (Maven) May 2, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions... Moderate Unreviewed
CVE-2024-1347 was published Apr 25, 2024
cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by... High Unreviewed
CVE-2024-33531 was published Apr 24, 2024
Apache HugeGraph-Server: Bypass whitelist in Auth mode High
CVE-2024-27349 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed
CVE-2024-3843 was published Apr 17, 2024
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-31784 was published Apr 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database