GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,018
Composer 4,300
Erlang 31
GitHub Actions 21
Go 2,069
Maven 5,241
npm 3,744
NuGet 668
pip 3,429
Pub 12
RubyGems 892
Rust 880
Swift 36

Unreviewed advisories

All unreviewed 240,411

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,038 advisories

Filter by severity

Sort by

Least recently updated

A user with administrator privileges is able to retrieve authentication tokens Moderate Unreviewed

CVE-2024-9133 was published Jan 11, 2025

Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful... Moderate Unreviewed

CVE-2024-56445 was published Jan 8, 2025

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan... Moderate Unreviewed

CVE-2024-13111 was published Jan 2, 2025

CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the... Moderate Unreviewed

CVE-2024-10511 was published Dec 11, 2024

An improper authentication vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed

CVE-2024-48859 was published Dec 6, 2024

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2024-11671 was published Nov 25, 2024

IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead... Moderate Unreviewed

CVE-2022-33862 was published Nov 25, 2024

A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an... Moderate Unreviewed

CVE-2024-11209 was published Nov 14, 2024

A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed

CVE-2024-10963 was published Nov 7, 2024

A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-10620 was published Nov 1, 2024

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-10173 was published Oct 20, 2024

A vulnerability was found in Quay, which allows successful authentication even when a truncated... Moderate Unreviewed

CVE-2024-9683 was published Oct 17, 2024

In the goTenna Pro there is a vulnerability that makes it possible to inject any custom message... Moderate Unreviewed

CVE-2024-47127 was published Sep 26, 2024

An authentication issue was addressed with improved state management. This issue is fixed in iOS... Moderate Unreviewed

CVE-2024-44202 was published Sep 17, 2024

This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and... Moderate Unreviewed

CVE-2024-44127 was published Sep 17, 2024

An improper authentication vulnerability has been reported to affect Music Station. If exploited,... Moderate Unreviewed

CVE-2023-45038 was published Sep 6, 2024

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain APIs... Moderate Unreviewed

CVE-2024-5957 was published Sep 5, 2024

This vulnerability allows unauthenticated remote attackers to bypass authentication and gain... Moderate Unreviewed

CVE-2024-5956 was published Sep 5, 2024

ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The... Moderate Unreviewed

CVE-2024-44821 was published Sep 4, 2024

The PixelYourSite – Your smart PIXEL (TAG) & API Manager and the PixelYourSite PRO plugins for... Moderate Unreviewed

CVE-2024-7870 was published Sep 4, 2024

In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor... Moderate Unreviewed

CVE-2024-7745 was published Aug 28, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

BIG-IP Next Central Manager may allow an attacker to lock out an account that has never been... Moderate Unreviewed

CVE-2024-37028 was published Aug 14, 2024

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with... Moderate Unreviewed

CVE-2024-25157 was published Aug 14, 2024

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting'),... Moderate Unreviewed

CVE-2024-35775 was published Aug 13, 2024

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,038 advisories