Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

882 advisories

Loading
Dolibarr Improper Restriction of Excessive Authentication Attempts Critical
CVE-2020-7995 was published for dolibarr/dolibarr (Composer) May 24, 2022
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing... Critical Unreviewed
CVE-2023-51477 was published Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege... Critical Unreviewed
CVE-2023-51472 was published Apr 24, 2024
Authelia vulnerable to an authentication bypassed with malformed request URI on nginx Critical
CVE-2021-32637 was published for github.com/authelia/authelia/v4 (Go) Dec 20, 2021
Authorization Bypass in Spring Security Critical
CVE-2014-3527 was published for org.springframework.security:spring-security-core (Maven) Sep 15, 2020
MarkLee131
Microsoft Exchange Server Elevation of Privilege Vulnerability Critical Unreviewed
CVE-2024-21410 was published Feb 13, 2024
Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main... Critical Unreviewed
CVE-2023-4562 was published Oct 13, 2023
Improper Authentication vulnerability in Mobatime mobile application AMXGT100 allows... Critical Unreviewed
CVE-2023-3065 was published Jun 5, 2023
Insufficient authentication in the MQTT backend (broker) allows an attacker to access and even... Critical Unreviewed
CVE-2023-3028 was published Jul 6, 2023
An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4700 Firmware 1.0.0.34 in... Critical Unreviewed
CVE-2013-3072 was published May 5, 2022
The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as-a-Service) version 5.1 due... Critical Unreviewed
CVE-2023-6483 was published Dec 22, 2023
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature... Critical Unreviewed
CVE-2023-27536 was published Mar 30, 2023
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier... Critical Unreviewed
CVE-2023-26573 was published Oct 25, 2023
An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325... Critical Unreviewed
CVE-2023-24479 was published Oct 11, 2023
The vulnerability exists in Uniview IP Camera due to identification and authentication failure at... Critical Unreviewed
CVE-2023-0773 was published Sep 19, 2023
User authentication with username and password credentials is ineffective in OpenText (Micro... Critical Unreviewed
CVE-2023-4501 was published Sep 12, 2023
An issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote attacker to... Critical Unreviewed
CVE-2023-39069 was published Sep 12, 2023
An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to... Critical Unreviewed
CVE-2021-27715 was published Sep 8, 2023
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation... Critical Unreviewed
CVE-2023-31242 was published Sep 5, 2023
Inadequate validation of permissions when employing remote tools and macros within Devolutions... Critical Unreviewed
CVE-2023-4373 was published Aug 21, 2023
An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token. Critical Unreviewed
CVE-2023-39846 was published Aug 17, 2023
EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi factor authentication)... Critical Unreviewed
CVE-2023-40260 was published Aug 11, 2023
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0,... Critical Unreviewed
CVE-2023-40253 was published Aug 11, 2023
Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default... Critical Unreviewed
CVE-2023-32090 was published Aug 7, 2023
ROC800-Series RTU devices are vulnerable to an authentication bypass, which could allow an... Critical Unreviewed
CVE-2023-1935 was published Aug 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database