GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,927
Composer 4,272
Erlang 31
GitHub Actions 21
Go 2,047
Maven 5,232
npm 3,739
NuGet 668
pip 3,415
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,414

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

171 advisories

Filter by severity

Sort by

Least recently updated

The web server of affected devices do not properly authenticate user request to the '/ClientArea... Moderate Unreviewed

CVE-2024-46887 was published Oct 8, 2024

The LatePoint plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2024-8943 was published Oct 8, 2024

The WordPress & WooCommerce Affiliate Program plugin for WordPress is vulnerable to... Critical Unreviewed

CVE-2024-9289 was published Oct 1, 2024

The Wechat Social login plugin for WordPress is vulnerable to authentication bypass in versions... Critical Unreviewed

CVE-2024-9106 was published Oct 1, 2024

The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up... High Unreviewed

CVE-2024-7781 was published Sep 26, 2024

An attacker can directly request the ProGauge MAGLINK LX CONSOLE resource sub page with full... Critical Unreviewed

CVE-2024-43692 was published Sep 25, 2024

The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass... Critical Unreviewed

CVE-2024-8277 was published Sep 11, 2024

An authentication bypass weakness in the message broker service of Ivanti Workspace Control... High Unreviewed

CVE-2024-8012 was published Sep 10, 2024

The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication... High Unreviewed

CVE-2024-41173 was published Aug 27, 2024

Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects... High Unreviewed

CVE-2024-7125 was published Aug 27, 2024

IBM OpenPages with Watson 8.3 and 9.0 could allow authenticated users access to sensitive... Moderate Unreviewed

CVE-2024-35151 was published Aug 22, 2024

A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for... High Unreviewed

CVE-2024-35214 was published Aug 20, 2024

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-7628 was published Aug 15, 2024

A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00... High Unreviewed

CVE-2024-35124 was published Aug 13, 2024

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed

CVE-2024-7503 was published Aug 12, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in GST Electronics inohom... Critical Unreviewed

CVE-2024-6684 was published Aug 12, 2024

The Appointment Booking Calendar Plugin and Online Scheduling Plugin – BookingPress plugin for... Critical Unreviewed

CVE-2024-7350 was published Aug 8, 2024

Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass... High Unreviewed

CVE-2024-7007 was published Jul 25, 2024

The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed

CVE-2024-7027 was published Jul 24, 2024

D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel Critical Unreviewed

CVE-2024-38437 was published Jul 21, 2024

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed

CVE-2024-6635 was published Jul 20, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in PruvaSoft Informatics... Moderate Unreviewed

CVE-2024-5620 was published Jul 18, 2024

The N-central server is vulnerable to session rebinding of already authenticated users when using... Critical Unreviewed

CVE-2024-5322 was published Jul 1, 2024

The N-central server is vulnerable to an authentication bypass of the user interface. This... Critical Unreviewed

CVE-2024-28200 was published Jul 1, 2024

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks... Critical Unreviewed

CVE-2024-2973 was published Jun 27, 2024

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

171 advisories