GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
3,410 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9...
High
Unreviewed
CVE-2024-4024
was published
Apr 25, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.6, all versions...
Moderate
Unreviewed
CVE-2024-1347
was published
Apr 25, 2024
Improper Authentication vulnerability in wp-buy Login as User or Customer (User Switching) allows...
Critical
Unreviewed
CVE-2023-51484
was published
Apr 25, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege...
Critical
Unreviewed
CVE-2023-51478
was published
Apr 25, 2024
Improper Authentication vulnerability in EazyPlugins Eazy Plugin Manager allows Accessing...
Critical
Unreviewed
CVE-2023-51482
was published
Apr 25, 2024
Improper Authentication, Improper Neutralization of Input During Web Page Generation ('Cross-site...
Moderate
Unreviewed
CVE-2023-25790
was published
Apr 24, 2024
Improper Authentication vulnerability in Repute Infosystems BookingPress allows Accessing...
Moderate
Unreviewed
CVE-2023-51405
was published
Apr 24, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing...
High
Unreviewed
CVE-2023-47504
was published
Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing...
High
Unreviewed
CVE-2023-51471
was published
Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Privilege...
Critical
Unreviewed
CVE-2023-51472
was published
Apr 24, 2024
Improper Authentication vulnerability in BUDDYBOSS DMCC BuddyBoss Theme allows Accessing...
Critical
Unreviewed
CVE-2023-51477
was published
Apr 24, 2024
Keycloak vulnerable to impersonation via logout token exchange
Low
CVE-2023-0657
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
Keycloak vulnerable to session hijacking via re-authentication
Moderate
CVE-2023-6787
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
Keycloak secondary factor bypass in step-up authentication
Moderate
CVE-2023-3597
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart...
Moderate
Unreviewed
CVE-2023-25493
was published
Apr 5, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri...
High
Unreviewed
CVE-2024-25699
was published
Apr 4, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Unknown
Unreviewed
CVE-2024-28009
was published
Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Unknown
Unreviewed
CVE-2024-28012
was published
Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Unknown
Unreviewed
CVE-2024-28006
was published
Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,...
Unknown
Unreviewed
CVE-2024-28007
was published
Mar 28, 2024
REST service authentication anomaly with “valid username/no password” credential combination for...
Moderate
Unreviewed
CVE-2024-2244
was published
Mar 27, 2024
A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A...
Critical
Unreviewed
CVE-2024-2873
was published
Mar 26, 2024
This vulnerability allows remote attackers to reset the password of anonymous users without...
Critical
Unreviewed
CVE-2024-2862
was published
Mar 25, 2024
Improper Authentication vulnerability in Melapress WP 2FA allows Authentication Bypass.This issue...
Moderate
Unreviewed
CVE-2022-44595
was published
Mar 21, 2024
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication...
Critical
Unreviewed
CVE-2024-1147
was published
Mar 21, 2024
ProTip!
Advisories are also available from the
GraphQL API