Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server High
CVE-2021-21403 was published for github.com/kongchuanhujiao/server (Go) Feb 15, 2022
qianjunakasumi
Keycloak Gatekeeper vulnerable to bypass on using lower case HTTP headers High
CVE-2020-14359 was published for github.com/keycloak/keycloak-gatekeeper (Go) Feb 9, 2022
Cockpit Content Platform vulnerable to 2FA bypass High
CVE-2022-2818 was published for cockpit-hq/cockpit (Composer) Aug 16, 2022
Keycloak Authentication Error High
CVE-2019-14909 was published for org.keycloak:keycloak-parent (Maven) May 24, 2022
NATS.io: Adding accounts for just the system account adds auth bypass High
CVE-2023-47090 was published for github.com/nats-io/nats-server/v2 (Go) Oct 19, 2023
Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process High
CVE-2024-34077 was published for mantisbt/mantisbt (Composer) May 13, 2024
dregad redna-xela
rdiffweb vulnerable to Authentication Bypass by Primary Weakness High
CVE-2022-4722 was published for rdiffweb (pip) Dec 27, 2022
ProTip! Advisories are also available from the GraphQL API