GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
26 advisories
Filter by severity
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of...
Critical
Unreviewed
CVE-2024-51504
was published
Nov 7, 2024
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15...
Critical
Unreviewed
CVE-2024-23674
was published
Feb 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7...
Critical
Unreviewed
CVE-2024-6678
was published
Sep 12, 2024
Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry...
Critical
Unreviewed
CVE-2024-37082
was published
Jul 3, 2024
Windows Kerberos Security Feature Bypass Vulnerability
Critical
Unreviewed
CVE-2024-20674
was published
Jan 9, 2024
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication...
Critical
Unreviewed
CVE-2023-30803
was published
Oct 10, 2023
Vulnerability of identity verification being bypassed in the Gallery module. Successful...
Critical
Unreviewed
CVE-2022-48513
was published
Jul 6, 2023
An authentication bypass issue via spoofing was discovered in the token-based authentication...
Critical
Unreviewed
CVE-2023-22814
was published
Jul 1, 2023
Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For...
Critical
Unreviewed
CVE-2021-25827
was published
Jun 28, 2023
Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS...
Critical
Unreviewed
CVE-2023-2807
was published
Jun 13, 2023
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This...
Critical
Unreviewed
CVE-2023-2887
was published
May 25, 2023
** UNSUPPPORTED WHEN ASSIGNED **
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an...
Critical
Unreviewed
CVE-2023-3243
was published
Jun 28, 2023
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a
allows remote...
Critical
Unreviewed
CVE-2023-31424
was published
Aug 31, 2023
A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and...
Critical
Unreviewed
CVE-2023-51350
was published
Jan 12, 2024
Vulnerability of identity verification being bypassed in the face unlock module. Successful...
Critical
Unreviewed
CVE-2023-5801
was published
Nov 8, 2023
Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows...
Critical
Unreviewed
CVE-2023-4178
was published
Sep 5, 2023
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of...
Critical
Unreviewed
CVE-2022-24112
was published
Feb 12, 2022
In the case of instances where the SAML SSO authentication is enabled (non-default), session data...
Critical
Unreviewed
CVE-2022-23131
was published
Jan 14, 2022
The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by...
Critical
Unreviewed
CVE-2017-14487
was published
May 13, 2022
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler...
Critical
Unreviewed
CVE-2017-14375
was published
May 13, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are...
Critical
Unreviewed
CVE-2021-34646
was published
May 24, 2022
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By...
Critical
Unreviewed
CVE-2020-7388
was published
May 24, 2022
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all...
Critical
Unreviewed
CVE-2021-22779
was published
May 24, 2022
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon...
Critical
Unreviewed
CVE-2018-7842
was published
May 24, 2022
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x...
Critical
Unreviewed
CVE-2022-2310
was published
Jul 28, 2022
ProTip!
Advisories are also available from the
GraphQL API