Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

46 advisories

Loading
Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful... Moderate Unreviewed
CVE-2022-48470 was published Dec 28, 2024
A flaw was found in the skupper console, a read-only interface that renders cluster network,... High Unreviewed
CVE-2024-12582 was published Dec 24, 2024
Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote... Critical Unreviewed
CVE-2024-3847 was published Apr 17, 2024
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all... Critical Unreviewed
CVE-2021-26102 was published Dec 19, 2024
A vulnerability was found in Quay, which allows successful authentication even when a truncated... Moderate Unreviewed
CVE-2024-9683 was published Oct 17, 2024
A vulnerability in the external authentication mechanism of Cisco Modeling Labs could allow an... Critical Unreviewed
CVE-2023-20154 was published Nov 15, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... Moderate Unreviewed
CVE-2024-20463 was published Oct 16, 2024
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless... Critical Unreviewed
CVE-2024-50478 was published Oct 28, 2024
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1,... High Unreviewed
CVE-2023-36497 was published Sep 11, 2023
Improper privilege management vulnerability in CoolKit Technology eWeLink on Android and iOS... High Unreviewed
CVE-2023-6998 was published Dec 30, 2023
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs... Moderate Unreviewed
CVE-2024-5957 was published Sep 5, 2024
This vulnerability allows unauthenticated remote attackers to bypass authentication and gain... Moderate Unreviewed
CVE-2024-5956 was published Sep 5, 2024
An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1... Moderate Unreviewed
CVE-2024-4784 was published Aug 8, 2024
VMware ESXi contains an authentication bypass vulnerability. A malicious actor with sufficient... Moderate Unreviewed
CVE-2024-37085 was published Jun 25, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to unauthenticated privilege... High Unreviewed
CVE-2024-6637 was published Jul 20, 2024
Nuvoton - CWE-305: Authentication Bypass by Primary Weakness An attacker with write access to... Moderate Unreviewed
CVE-2024-38433 was published Jul 11, 2024
A flaw was found in dogtag-pki and pki-core. The token authentication scheme can be bypassed with... High Unreviewed
CVE-2023-4727 was published Jun 11, 2024
In telephony, there is a possible escalation of privilege due to a permissions bypass. This could... High Unreviewed
CVE-2024-20015 was published Feb 5, 2024
The vulnerability allows attackers access to the root account without having to authenticate.... Critical Unreviewed
CVE-2023-41920 was published Jul 2, 2024
Windows Kerberos Security Feature Bypass Vulnerability Critical Unreviewed
CVE-2024-20674 was published Jan 9, 2024
MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function Critical Unreviewed
CVE-2024-36388 was published Jun 2, 2024
A vulnerability in the web-based management interface of Cisco IP Phone firmware could allow an... High Unreviewed
CVE-2024-20378 was published May 1, 2024
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse... High Unreviewed
CVE-2023-27535 was published Mar 30, 2023
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature... Critical Unreviewed
CVE-2023-27536 was published Mar 30, 2023
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously... Moderate Unreviewed
CVE-2023-27538 was published Mar 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database