GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
189 advisories
Filter by severity
The WooCommerce Dynamic Pricing and Discounts plugin for WordPress is vulnerable to...
Moderate
Unreviewed
CVE-2021-4353
was published
Oct 20, 2023
WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive...
High
Unreviewed
CVE-2023-46319
was published
Oct 23, 2023
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to...
High
Unreviewed
CVE-2023-43045
was published
Oct 23, 2023
PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring...
Moderate
Unreviewed
CVE-2023-39231
was published
Oct 25, 2023
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius...
Critical
Unreviewed
CVE-2023-39930
was published
Oct 25, 2023
Undisclosed requests may bypass configuration utility authentication, allowing an attacker...
Critical
Unreviewed
CVE-2023-46747
was published
Oct 26, 2023
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2023-20247
was published
Nov 1, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an...
Critical
Unreviewed
CVE-2023-41351
was published
Nov 3, 2023
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege...
Critical
Unreviewed
CVE-2023-3277
was published
Nov 3, 2023
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet...
Critical
Unreviewed
CVE-2023-42770
was published
Nov 21, 2023
An authentication bypass vulnerability has been found in Repox, which allows a remote user to...
Critical
Unreviewed
CVE-2023-6718
was published
Dec 13, 2023
Docker Authentication Bypass
High
CVE-2018-12608
was published
for
github.com/docker/docker
(Go)
Jan 31, 2024
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible
Critical
Unreviewed
CVE-2024-23917
was published
Feb 6, 2024
svix vulnerable to Authentication Bypass
Moderate
CVE-2024-21491
was published
for
svix
(Rust)
Feb 13, 2024
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an...
Critical
Unreviewed
CVE-2024-1709
was published
Feb 21, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16...
Moderate
Unreviewed
CVE-2024-1525
was published
Feb 22, 2024
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions...
Critical
Unreviewed
CVE-2024-27198
was published
Mar 4, 2024
Services that are running and bound to the loopback interface on the Artica Proxy are accessible...
Unknown
Unreviewed
CVE-2024-2056
was published
Mar 5, 2024
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management...
Critical
Unreviewed
CVE-2024-2055
was published
Mar 5, 2024
An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the...
High
Unreviewed
CVE-2024-26566
was published
Mar 7, 2024
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an...
Critical
Unreviewed
CVE-2023-49231
was published
Mar 29, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login...
High
Unreviewed
CVE-2024-31814
was published
Apr 8, 2024
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over...
High
Unreviewed
CVE-2024-1646
was published
Apr 16, 2024
Keycloak secondary factor bypass in step-up authentication
Moderate
CVE-2023-3597
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by...
Critical
Unreviewed
CVE-2024-34524
was published
May 6, 2024
ProTip!
Advisories are also available from the
GraphQL API