GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,394 advisories
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9...
High | Unreviewed | CVE-2024-4024 was published Apr 25, 2024

Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing...
High | Unreviewed | CVE-2023-47504 was published Apr 24, 2024

Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing...
High | Unreviewed | CVE-2023-51471 was published Apr 24, 2024

phpMyAdmin Improper Authentication
High | CVE-2018-12613 was published for phpmyadmin/phpmyadmin (Composer) May 13, 2022

Moodle Improper Authentication
High | CVE-2018-1082 was published for moodle/moodle (Composer) May 13, 2022

Saltstack Salt Unauthenticated Arbitrary Code Execution
High | CVE-2021-25315 was published for salt (pip) May 24, 2022

SaltStack Salt Authentication Bypass when using the local_batch client from salt-api
High | CVE-2017-5192 was published for salt (pip) May 17, 2022

Access Restriction Bypass in go-ldap
High | CVE-2017-14623 was published for github.com/go-ldap/ldap (Go) Feb 15, 2022

Memory Corruption in Core due to secure memory access by user while loading modem image.
High | Unreviewed | CVE-2023-24852 was published Nov 14, 2023

Transient DOS due to improper authorization in Modem
High | Unreviewed | CVE-2022-40521 was published Jun 6, 2023

Improper Authentication in Jenkins
High | CVE-2017-1000354 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

Erroneous authentication pass in Spring Security
High | CVE-2024-22257 was published for org.springframework.security:spring-security-core (Maven) Mar 18, 2024

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request...
High | Unreviewed | CVE-2022-40536 was published Jun 6, 2023

Windows Kerberos Security Feature Bypass Vulnerability
High | Unreviewed | CVE-2024-21427 was published Mar 12, 2024

Microsoft Authenticator Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-21390 was published Mar 12, 2024

Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb...
High | Unreviewed | CVE-2023-27376 was published Oct 25, 2023

Incorrect Access Control in the Account Access / Password Reset Link in SimplyBook.me Enterprise...
High | Unreviewed | CVE-2019-11488 was published May 24, 2022

cPanel before 55.9999.141 allows attackers to bypass Two Factor Authentication via DNS clustering...
High | Unreviewed | CVE-2016-10826 was published May 24, 2022

Improper authentication in the Intel(R) DCM software before version 5.1 may allow an...
High | Unreviewed | CVE-2022-44610 was published May 10, 2023

Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication....
High | Unreviewed | CVE-2023-32202 was published Aug 24, 2023

An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse...
High | Unreviewed | CVE-2023-27535 was published Mar 30, 2023

An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which...
High | Unreviewed | CVE-2022-22576 was published May 27, 2022

Improper Authentication in Pivotal Spring-LDAP
High | CVE-2017-8028 was published for org.springframework.ldap:spring-ldap-core (Maven) May 13, 2022

Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1...
High | Unreviewed | CVE-2023-27257 was published Oct 25, 2023
ProTip! Advisories are also available from the GraphQL API