GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
Authentication Bypass by CSRF Weakness
Critical
GHSA-5629-8855-gf4g
was published
for
solidus_core
(RubyGems)
Nov 18, 2021
Authentication Bypass in ADOdb/ADOdb
Critical
CVE-2021-3850
was published
for
adodb/adodb-php
(Composer)
Jan 27, 2022
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets...
Critical
Unreviewed
CVE-2021-45031
was published
Mar 31, 2022
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to...
Critical
Unreviewed
CVE-2022-2651
was published
Aug 5, 2022
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3.
Critical
Unreviewed
CVE-2022-3993
was published
Nov 14, 2022
golang-nanoauth authentication bypass vulnerability
Critical
CVE-2020-36569
was published
for
github.com/nanobox-io/golang-nanoauth
(Go)
Dec 28, 2022
Authentication Bypass in modoboa
Critical
CVE-2023-0777
was published
for
modoboa
(pip)
Feb 10, 2023
Froxlor is vulnerable to authentication bypass
Critical
CVE-2023-1307
was published
for
froxlor/froxlor
(Composer)
Mar 10, 2023
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature...
Critical
Unreviewed
CVE-2023-27536
was published
Mar 30, 2023
Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router...
Critical
Unreviewed
CVE-2023-1833
was published
Apr 14, 2023
The authentication mechanism in SonicWall GMS and Analytics Web Services had insufficient checks,...
Critical
Unreviewed
CVE-2023-34124
was published
Jul 13, 2023
SonicWall GMS and Analytics CAS Web Services application use static values for authentication...
Critical
Unreviewed
CVE-2023-34137
was published
Jul 13, 2023
ROC800-Series RTU devices are vulnerable to an authentication bypass, which could allow an...
Critical
Unreviewed
CVE-2023-1935
was published
Aug 3, 2023
Windows Kerberos Security Feature Bypass Vulnerability
Critical
Unreviewed
CVE-2024-20674
was published
Jan 9, 2024
In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all...
Critical
Unreviewed
CVE-2024-1403
was published
Feb 27, 2024
Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security...
Critical
Unreviewed
CVE-2023-7103
was published
Mar 5, 2024
Authentication Bypass by Primary Weakness vulnerability in XPodas Octopod allows Authentication...
Critical
Unreviewed
CVE-2024-1202
was published
Mar 21, 2024
Authentication Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows...
Critical
Unreviewed
CVE-2023-6153
was published
Mar 27, 2024
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote...
Critical
Unreviewed
CVE-2024-3847
was published
Apr 17, 2024
MileSight DeviceHub -
CWE-305 Missing Authentication for Critical Function
Critical
Unreviewed
CVE-2024-36388
was published
Jun 2, 2024
The vulnerability allows attackers access to the root account without having to authenticate....
Critical
Unreviewed
CVE-2023-41920
was published
Jul 2, 2024
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless...
Critical
Unreviewed
CVE-2024-50478
was published
Oct 28, 2024
codechecker authentication method confusion vulnerability allows logging in as the built-in root user from an external service
Critical
CVE-2024-10082
was published
for
codechecker
(pip)
Nov 6, 2024
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an...
Critical
Unreviewed
CVE-2023-20154
was published
Nov 15, 2024
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all...
Critical
Unreviewed
CVE-2021-26102
was published
Dec 19, 2024
ProTip!
Advisories are also available from the
GraphQL API