GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
43 advisories
Filter by severity
The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass...
High
Unreviewed
CVE-2024-10311
was published
Nov 15, 2024
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version...
High
Unreviewed
CVE-2024-47574
was published
Nov 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token...
High
Unreviewed
CVE-2024-50488
was published
Oct 28, 2024
The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated...
High
Unreviewed
CVE-2024-10438
was published
Oct 28, 2024
The User Toolkit plugin for WordPress is vulnerable to authentication bypass in versions up to,...
High
Unreviewed
CVE-2024-9890
was published
Oct 26, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl...
High
Unreviewed
CVE-2024-49675
was published
Oct 23, 2024
The Rover IDX plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and...
High
Unreviewed
CVE-2024-10002
was published
Oct 22, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to...
High
Unreviewed
CVE-2024-9861
was published
Oct 17, 2024
The WP Users Masquerade plugin for WordPress is vulnerable to authentication bypass in versions...
High
Unreviewed
CVE-2024-9522
was published
Oct 10, 2024
The Jupiter X Core plugin for WordPress is vulnerable to authentication bypass in all versions up...
High
Unreviewed
CVE-2024-7781
was published
Sep 26, 2024
An authentication bypass weakness in the message broker service of Ivanti Workspace Control...
High
Unreviewed
CVE-2024-8012
was published
Sep 10, 2024
The IPC-Diagnostics package included in TwinCAT/BSD is vulnerable to a local authentication...
High
Unreviewed
CVE-2024-41173
was published
Aug 27, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects...
High
Unreviewed
CVE-2024-7125
was published
Aug 27, 2024
A tampering vulnerability in the CylanceOPTICS Windows Installer Package of CylanceOPTICS for...
High
Unreviewed
CVE-2024-35214
was published
Aug 20, 2024
The MStore API – Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable...
High
Unreviewed
CVE-2024-7628
was published
Aug 15, 2024
A vulnerability in the combination of the OpenBMC's FW1050.00 through FW1050.10, FW1030.00...
High
Unreviewed
CVE-2024-35124
was published
Aug 13, 2024
Positron Broadcast Signal Processor TRA7005 v1.20 is vulnerable to an authentication bypass...
High
Unreviewed
CVE-2024-7007
was published
Jul 25, 2024
The WooCommerce - PDF Vouchers plugin for WordPress is vulnerable to authentication bypass in...
High
Unreviewed
CVE-2024-7027
was published
Jul 24, 2024
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in...
High
Unreviewed
CVE-2024-6635
was published
Jul 20, 2024
IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
High
Unreviewed
CVE-2024-31916
was published
Jun 27, 2024
Attackers can bypass the web login authentication process to gain access to the printer's system...
High
Unreviewed
CVE-2024-3496
was published
Jun 14, 2024
An authentication bypass vulnerability in Veeam Agent for Microsoft Windows allows for local...
High
Unreviewed
CVE-2024-29853
was published
May 23, 2024
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access...
High
Unreviewed
CVE-2022-32503
was published
May 14, 2024
parisneo/lollms-webui is vulnerable to authentication bypass due to insufficient protection over...
High
Unreviewed
CVE-2024-1646
was published
Apr 16, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to bypass login through the Form_Login...
High
Unreviewed
CVE-2024-31814
was published
Apr 8, 2024
ProTip!
Advisories are also available from the
GraphQL API