Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,516 advisories

Loading
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)... High Unreviewed
CVE-2023-52161 was published Feb 22, 2024
A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and... High Unreviewed
CVE-2024-1817 was published Feb 23, 2024
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions... High Unreviewed
CVE-2023-46717 was published Mar 12, 2024
Microsoft Authenticator Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21390 was published Mar 12, 2024
Windows Kerberos Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21427 was published Mar 12, 2024
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and... High Unreviewed
CVE-2023-38534 was published Mar 14, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Erroneous authentication pass in Spring Security High
CVE-2024-22257 was published for org.springframework.security:spring-security-core (Maven) Mar 18, 2024
An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker... High Unreviewed
CVE-2024-28735 was published Mar 20, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
there is a possible permission bypass due to Debug certs being allowlisted. This could lead to... High Unreviewed
CVE-2024-29757 was published Apr 5, 2024
Vulnerability of improper authentication in the Iaware module. Impact: Successful exploitation of... High Unreviewed
CVE-2023-52540 was published Apr 8, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing... High Unreviewed
CVE-2023-51471 was published Apr 24, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing... High Unreviewed
CVE-2023-47504 was published Apr 24, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9... High Unreviewed
CVE-2024-4024 was published Apr 25, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass High
CVE-2024-32868 was published for github.com/zitadel/zitadel (Go) Apr 25, 2024
livio-a Skelmis
itz-d0dgy amit-laish muhlemmer peintnermax
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly... High Unreviewed
CVE-2024-4303 was published Apr 29, 2024
ReCrystallize Server 5.10.0.0 uses a authorization mechanism that relies on the value of a cookie... High Unreviewed
CVE-2024-26331 was published Apr 30, 2024
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its... High Unreviewed
CVE-2020-18305 was published May 14, 2024
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows... High Unreviewed
CVE-2024-4129 was published May 14, 2024
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects... High Unreviewed
CVE-2023-41956 was published May 17, 2024
scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token High
GHSA-h6mp-mc7g-mg49 was published for scheb/two-factor-bundle (Composer) May 21, 2024
scheb/two-factor-bundle bypass two-factor authentication with remember-me option High
GHSA-9phw-7h96-q3rv was published for scheb/two-factor-bundle (Composer) May 21, 2024
Thelia authentication bypass vulnerability High
GHSA-g8pg-33v4-9r96 was published for thelia/thelia (Composer) May 30, 2024
TYPO3 CMS Authentication Bypass vulnerability High
GHSA-x4rj-f7m6-42c3 was published for typo3/cms-core (Composer) May 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database