Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

26 advisories

Loading
When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of... Critical Unreviewed
CVE-2024-51504 was published Nov 7, 2024
The Online-Ausweis-Funktion eID scheme in the German National Identity card through 2024-02-15... Critical Unreviewed
CVE-2024-23674 was published Feb 16, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7... Critical Unreviewed
CVE-2024-6678 was published Sep 12, 2024
Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry... Critical Unreviewed
CVE-2024-37082 was published Jul 3, 2024
Windows Kerberos Security Feature Bypass Vulnerability Critical Unreviewed
CVE-2024-20674 was published Jan 9, 2024
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication... Critical Unreviewed
CVE-2023-30803 was published Oct 10, 2023
Vulnerability of identity verification being bypassed in the Gallery module. Successful... Critical Unreviewed
CVE-2022-48513 was published Jul 6, 2023
An authentication bypass issue via spoofing was discovered in the token-based authentication... Critical Unreviewed
CVE-2023-22814 was published Jul 1, 2023
Emby Server < 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For... Critical Unreviewed
CVE-2021-25827 was published Jun 28, 2023
Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS... Critical Unreviewed
CVE-2023-2807 was published Jun 13, 2023
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This... Critical Unreviewed
CVE-2023-2887 was published May 25, 2023
** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an... Critical Unreviewed
CVE-2023-3243 was published Jun 28, 2023
Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote... Critical Unreviewed
CVE-2023-31424 was published Aug 31, 2023
A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and... Critical Unreviewed
CVE-2023-51350 was published Jan 12, 2024
Vulnerability of identity verification being bypassed in the face unlock module. Successful... Critical Unreviewed
CVE-2023-5801 was published Nov 8, 2023
Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows... Critical Unreviewed
CVE-2023-4178 was published Sep 5, 2023
An attacker can abuse the batch-requests plugin to send requests to bypass the IP restriction of... Critical Unreviewed
CVE-2022-24112 was published Feb 12, 2022
In the case of instances where the SAML SSO authentication is enabled (non-default), session data... Critical Unreviewed
CVE-2022-23131 was published Jan 14, 2022
The OhMiBod Remote app for Android and iOS allows remote attackers to impersonate users by... Critical Unreviewed
CVE-2017-14487 was published May 13, 2022
EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler... Critical Unreviewed
CVE-2017-14375 was published May 13, 2022
Versions up to, and including, 5.4.3, of the Booster for WooCommerce WordPress plugin are... Critical Unreviewed
CVE-2021-34646 was published May 24, 2022
Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By... Critical Unreviewed
CVE-2020-7388 was published May 24, 2022
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all... Critical Unreviewed
CVE-2021-22779 was published May 24, 2022
A CWE-290: Authentication Bypass by Spoofing vulnerability exists in all versions of the Modicon... Critical Unreviewed
CVE-2018-7842 was published May 24, 2022
An authentication bypass vulnerability in Skyhigh SWG in main releases 10.x prior to 10.2.12, 9.x... Critical Unreviewed
CVE-2022-2310 was published Jul 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database