GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
43 advisories
Filter by severity
The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass...
High
Unreviewed
CVE-2024-10311
was published
Nov 15, 2024
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version...
High
Unreviewed
CVE-2024-47574
was published
Nov 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token...
High
Unreviewed
CVE-2024-50488
was published
Oct 28, 2024
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access...
High
Unreviewed
CVE-2022-32503
was published
May 14, 2024
The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated...
High
Unreviewed
CVE-2024-10438
was published
Oct 28, 2024
The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High
Unreviewed
CVE-2024-9890
was published
Oct 26, 2024
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and...
High
Unreviewed
CVE-2024-10002
was published
Oct 22, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl...
High
Unreviewed
CVE-2024-49675
was published
Oct 23, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9861
was published
Oct 17, 2024
The WP Users Masquerade plugin for WordPress is vulnerable to authentication bypass in versions...
High
Unreviewed
CVE-2024-9522
was published
Oct 10, 2024
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High
Unreviewed
CVE-2024-7781
was published
Sep 26, 2024
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310...
High
Unreviewed
CVE-2023-42771
was published
Oct 3, 2023
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
WALLIX Bastion 9.x before 9.0.9 and 10.x before 10.0.5 allows unauthenticated access to sensitive...
High
Unreviewed
CVE-2023-46319
was published
Oct 23, 2023
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication...
High
Unreviewed
CVE-2024-41173
was published
Aug 27, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects...
High
Unreviewed
CVE-2024-7125
was published
Aug 27, 2024
Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass...
High
Unreviewed
CVE-2024-7007
was published
Jul 25, 2024
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00...
High
Unreviewed
CVE-2024-35124
was published
Aug 13, 2024
A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for...
High
Unreviewed
CVE-2024-35214
was published
Aug 20, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-7628
was published
Aug 15, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
High
Unreviewed
CVE-2024-31916
was published
Jun 27, 2024
An issue in Cute Http File Server v.3.1 allows a remote attacker to escalate privileges via the...
High
Unreviewed
CVE-2024-26566
was published
Mar 7, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login...
High
Unreviewed
CVE-2024-31814
was published
Apr 8, 2024
An issue was discovered in the endpoint protection agent in Zoho ManageEngine Device Control Plus...
High
Unreviewed
CVE-2022-47578
was published
Dec 20, 2022
The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in...
High
Unreviewed
CVE-2024-7027
was published
Jul 24, 2024
ProTip!
Advisories are also available from the
GraphQL API