Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,410 advisories

Loading
Thelia authentication bypass vulnerability High
GHSA-g8pg-33v4-9r96 was published for thelia/thelia (Composer) May 30, 2024
TYPO3 CMS Authentication Bypass vulnerability High
GHSA-x4rj-f7m6-42c3 was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-rxc9-f2x6-qh4w was published for typo3/cms-core (Composer) May 30, 2024
Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the... Critical Unreviewed
CVE-2023-43551 was published Jun 3, 2024
Improper Authentication vulnerability in WPMU DEV Defender Security allows Accessing... Moderate Unreviewed
CVE-2023-47189 was published Jun 4, 2024
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing... High Unreviewed
CVE-2023-46630 was published Jun 4, 2024
Improper Authentication vulnerability in Pluggabl LLC Booster for WooCommerce allows Accessing... Moderate Unreviewed
CVE-2023-48747 was published Jun 4, 2024
Improper Authentication vulnerability in Pluggabl LLC Booster Elite for WooCommerce allows... Moderate Unreviewed
CVE-2023-51511 was published Jun 4, 2024
Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects... Moderate Unreviewed
CVE-2024-35670 was published Jun 4, 2024
Authentication Bypass in TYPO3 CMS Moderate
GHSA-6xh8-8pfv-53vx was published for typo3/cms (Composer) Jun 5, 2024
An issue was discovered in Samsung Mobile Processor, Automotive Processor, and Modem Exynos 9820,... Low Unreviewed
CVE-2023-50804 was published Jun 5, 2024
Improper Authentication in CraftCMS two factor authentication plugin Moderate
CVE-2024-5658 was published for born05/craft-twofactorauthentication (Composer) Jun 6, 2024
Unauthenticated Access to sensitive settings in Argo CD Moderate
CVE-2024-37152 was published for github.com/argoproj/argo-cd/v2/server (Go) Jun 6, 2024
moshikoHassan
Improper authentication in zenml Low
CVE-2024-2213 was published for zenml (pip) Jun 6, 2024
A vulnerability was found in Clash up to 0.20.1 on Windows. It has been declared as critical.... High Unreviewed
CVE-2024-5732 was published Jun 7, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-c5mj-39cf-3pp5 was published for typo3/cms (Composer) Jun 7, 2024
Zendframework potential security issue in login mechanism High
GHSA-9v78-h226-2rmq was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ZendOpenID potential security issue in login mechanism High
GHSA-3x57-m5p4-rgh4 was published for zendframework/zendopenid (Composer) Jun 7, 2024
A vulnerability has been identified in PowerSys (All versions < V3.11). The affected application... Critical Unreviewed
CVE-2024-36266 was published Jun 11, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-35248 was published Jun 11, 2024
Apache Submarine Commons Utils has a hard-coded secret Moderate
CVE-2024-36264 was published for org.apache.submarine:submarine-commons-utils (Maven) Jun 12, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an... High Unreviewed
CVE-2024-34103 was published Jun 13, 2024
Adobe Framemaker Publishing Server versions 2020.3, 2022.2 and earlier are affected by an... Critical Unreviewed
CVE-2024-30299 was published Jun 13, 2024
Certain ASUS router models have authentication bypass vulnerability, allowing unauthenticated... Critical Unreviewed
CVE-2024-3080 was published Jun 14, 2024
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE. The... Unknown Unreviewed
CVE-2024-37368 was published Jun 14, 2024
ProTip! Advisories are also available from the GraphQL API