Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

61 advisories

Loading
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress... Critical Unreviewed
CVE-2023-2982 was published Jun 29, 2023
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2834 was published Jun 30, 2023
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2023-3249 was published Jun 30, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to... Critical Unreviewed
CVE-2023-34335 was published Jul 6, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07... Critical Unreviewed
CVE-2023-36091 was published Jul 31, 2023
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-3162 was published Aug 31, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1... Critical Unreviewed
CVE-2023-41256 was published Sep 11, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas... Critical Unreviewed
CVE-2023-4702 was published Sep 14, 2023
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed
CVE-2023-42793 was published Sep 19, 2023
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius... Critical Unreviewed
CVE-2023-39930 was published Oct 25, 2023
Undisclosed requests may bypass configuration utility authentication, allowing an attacker... Critical Unreviewed
CVE-2023-46747 was published Oct 26, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an... Critical Unreviewed
CVE-2023-41351 was published Nov 3, 2023
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege... Critical Unreviewed
CVE-2023-3277 was published Nov 3, 2023
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet... Critical Unreviewed
CVE-2023-42770 was published Nov 21, 2023
An authentication bypass vulnerability has been found in Repox, which allows a remote user to... Critical Unreviewed
CVE-2023-6718 was published Dec 13, 2023
In JetBrains TeamCity before 2023.11.3 authentication bypass leading to RCE was possible Critical Unreviewed
CVE-2024-23917 was published Feb 6, 2024
ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an... Critical Unreviewed
CVE-2024-1709 was published Feb 21, 2024
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions... Critical Unreviewed
CVE-2024-27198 was published Mar 4, 2024
The "Rich Filemanager" feature of Artica Proxy provides a web-based interface for file management... Critical Unreviewed
CVE-2024-2055 was published Mar 5, 2024
An authentication bypass vulnerability was found in Stilog Visual Planning 8. It allows an... Critical Unreviewed
CVE-2023-49231 was published Mar 29, 2024
In XLANG OpenAgents through fe73ac4, the allowed_file protection mechanism can be bypassed by... Critical Unreviewed
CVE-2024-34524 was published May 6, 2024
Veeam Backup Enterprise Manager allows unauthenticated users to log in as any user to enterprise... Critical Unreviewed
CVE-2024-29849 was published May 23, 2024
Silverpeas authentication bypass Critical
CVE-2024-36042 was published for org.silverpeas.core:silverpeas-core (Maven) Jun 3, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway... Critical Unreviewed
CVE-2024-2013 was published Jun 11, 2024
ProTip! Advisories are also available from the GraphQL API