Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,572 advisories

Loading
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in all... High Unreviewed
CVE-2024-10114 was published Nov 5, 2024
The Loginizer Security and Loginizer plugins for WordPress are vulnerable to authentication... High Unreviewed
CVE-2024-10097 was published Nov 5, 2024
A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-10620 was published Nov 1, 2024
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless... Critical Unreviewed
CVE-2024-50478 was published Oct 28, 2024
Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed
CVE-2024-31800 was published Aug 15, 2024
Ghost's improper authentication allows access to member information and actions Moderate
CVE-2024-43409 was published for @tryghost/portal (npm) Aug 20, 2024
1337Nerd
Duende IdentityServer has insufficient validation of DPoP cnf claim in Local APIs Low
CVE-2024-49755 was published for Duende.IdentityServer (NuGet) Oct 28, 2024
OpenStack Swauth object/proxy server writing Auth Token to log file Critical
CVE-2017-16613 was published for swauth (pip) May 17, 2022
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions... High Unreviewed
CVE-2023-39981 was published Sep 2, 2023
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication... High Unreviewed
CVE-2023-33237 was published Aug 17, 2023
Improper Authentication in SaltStack Salt High
CVE-2021-22004 was published for salt (pip) May 24, 2022
Improper Authentication in requests-kerberos Critical
CVE-2014-8650 was published for requests-kerberos (pip) Mar 10, 2020
Salt has insufficient argument validation in several modules High
CVE-2013-4435 was published for salt (pip) May 17, 2022
rdiffweb vulnerable to Authentication Bypass by Primary Weakness High
CVE-2022-4722 was published for rdiffweb (pip) Dec 27, 2022
Python-saml allows manipulation of SAML data without invalidation of cryptographic signature High
CVE-2017-11427 was published for python-saml (pip) Jul 5, 2019
In WhatsUp Gold versions released before 2024.0.0,  an Authentication Bypass issue exists which... Critical Unreviewed
CVE-2024-7763 was published Oct 24, 2024
A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows... High Unreviewed
CVE-2024-10327 was published Oct 24, 2024
SaltStack Salt Remote command execution and incorrect access control when using salt-api Critical
CVE-2018-15751 was published for salt (pip) May 13, 2022
SaltStack Salt Improper Authentication vulnerability Critical
CVE-2021-25281 was published for salt (pip) May 24, 2022
Improper Authentication in pyftpdlib Moderate
CVE-2008-7263 was published for pyftpdlib (pip) May 17, 2022
The ProfilePress Pro plugin for WordPress is vulnerable to authentication bypass in all versions... High Unreviewed
CVE-2024-9947 was published Oct 23, 2024
The WooCommerce Order Proposal plugin for WordPress is vulnerable to privilege escalation via... High Unreviewed
CVE-2024-9927 was published Oct 23, 2024
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2024-10173 was published Oct 20, 2024
SaltStack Salt Improper Authentication via Man in the Middle Attack Low
CVE-2022-22935 was published for salt (pip) Mar 30, 2022
Salt Insecure configuration of PAM external authentication service Moderate
CVE-2016-3176 was published for salt (pip) May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database