GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
15 advisories
Filter by severity
A flaw was found in the openstack-barbican component. This issue allows an access policy bypass...
Moderate
Unreviewed
CVE-2022-3100
was published
Jan 18, 2023
A flaw was found in Samba, all versions starting samba 4.5.0 until samba 4.9.15, samba 4.10.10,...
Moderate
Unreviewed
CVE-2019-14833
was published
May 24, 2022
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID...
Moderate
Unreviewed
CVE-2022-40723
was published
Apr 25, 2023
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could...
Moderate
Unreviewed
CVE-2023-28126
was published
May 10, 2023
Tenda N300 Wireless N VDSL2 Modem Router allows unauthenticated access to pages that in turn...
Moderate
Unreviewed
CVE-2023-4498
was published
Sep 6, 2023
The SALESmanago plugin for WordPress is vulnerable to Log Injection in versions up to, and...
Moderate
Unreviewed
CVE-2023-4939
was published
Oct 21, 2023
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously...
Moderate
Unreviewed
CVE-2023-27538
was published
Mar 30, 2023
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness
An attacker with write access to...
Moderate
Unreviewed
CVE-2024-38433
was published
Jul 11, 2024
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient...
Moderate
Unreviewed
CVE-2024-37085
was published
Jun 25, 2024
An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1...
Moderate
Unreviewed
CVE-2024-4784
was published
Aug 8, 2024
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain...
Moderate
Unreviewed
CVE-2024-5956
was published
Sep 5, 2024
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs...
Moderate
Unreviewed
CVE-2024-5957
was published
Sep 5, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone...
Moderate
Unreviewed
CVE-2024-20463
was published
Oct 16, 2024
A vulnerability was found in Quay, which allows successful authentication even when a truncated...
Moderate
Unreviewed
CVE-2024-9683
was published
Oct 17, 2024
Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful...
Moderate
Unreviewed
CVE-2022-48470
was published
Dec 28, 2024
ProTip!
Advisories are also available from the
GraphQL API