GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,614
Composer 4,224
Erlang 31
GitHub Actions 19
Go 1,990
Maven 5,170
npm 3,706
NuGet 661
pip 3,336
Pub 11
RubyGems 884
Rust 845
Swift 36

Unreviewed advisories

All unreviewed 234,414

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

43 advisories

Filter by severity

Sort by

Least recently updated

The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass... High Unreviewed

CVE-2024-10311 was published Nov 15, 2024

A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version... High Unreviewed

CVE-2024-47574 was published Nov 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token... High Unreviewed

CVE-2024-50488 was published Oct 28, 2024

The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated... High Unreviewed

CVE-2024-10438 was published Oct 28, 2024

The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed

CVE-2024-9890 was published Oct 26, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl... High Unreviewed

CVE-2024-49675 was published Oct 23, 2024

The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and... High Unreviewed

CVE-2024-10002 was published Oct 22, 2024

The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed

CVE-2024-9861 was published Oct 17, 2024

The WP Users Masquerade plugin for WordPress is vulnerable to authentication bypass in versions... High Unreviewed

CVE-2024-9522 was published Oct 10, 2024

The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up... High Unreviewed

CVE-2024-7781 was published Sep 26, 2024

An authentication bypass weakness in the message broker service of Ivanti Workspace Control... High Unreviewed

CVE-2024-8012 was published Sep 10, 2024

The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication... High Unreviewed

CVE-2024-41173 was published Aug 27, 2024

Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects... High Unreviewed

CVE-2024-7125 was published Aug 27, 2024

A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for... High Unreviewed

CVE-2024-35214 was published Aug 20, 2024

The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable... High Unreviewed

CVE-2024-7628 was published Aug 15, 2024

A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00... High Unreviewed

CVE-2024-35124 was published Aug 13, 2024

Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass... High Unreviewed

CVE-2024-7007 was published Jul 25, 2024

The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed

CVE-2024-7027 was published Jul 24, 2024

The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed

CVE-2024-6635 was published Jul 20, 2024

IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive... High Unreviewed

CVE-2024-31916 was published Jun 27, 2024

Attackers can bypass the web login authentication process to gain access to the printer's system... High Unreviewed

CVE-2024-3496 was published Jun 14, 2024

An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local... High Unreviewed

CVE-2024-29853 was published May 23, 2024

An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access... High Unreviewed

CVE-2022-32503 was published May 14, 2024

parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over... High Unreviewed

CVE-2024-1646 was published Apr 16, 2024

TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login... High Unreviewed

CVE-2024-31814 was published Apr 8, 2024

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

43 advisories