Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

3,410 advisories

Loading
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication... Critical Unreviewed
CVE-2024-1148 was published Mar 21, 2024
Improper Authentication in Spring Authorization Server Moderate
CVE-2024-22258 was published for org.springframework.security:spring-security-oauth2-authorization-server (Maven) Mar 20, 2024
Erroneous authentication pass in Spring Security High
CVE-2024-22257 was published for org.springframework.security:spring-security-core (Maven) Mar 18, 2024
CWE-287: Improper Authentication may allow Authentication Bypass Critical Unreviewed
CVE-2024-27767 was published Mar 18, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and... High Unreviewed
CVE-2023-38534 was published Mar 14, 2024
An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in... Critical Unreviewed
CVE-2024-0799 was published Mar 13, 2024
Windows Kerberos Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-21427 was published Mar 12, 2024
Microsoft Authenticator Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-21390 was published Mar 12, 2024
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions... High Unreviewed
CVE-2023-46717 was published Mar 12, 2024
An improper authentication vulnerability has been reported to affect several QNAP operating... Critical Unreviewed
CVE-2024-21899 was published Mar 8, 2024
IBM DS8900F HMC 89.21.19.0, 89.21.31.0, 89.30.68.0, 89.32.40.0, and 89.33.48.0 could allow a... Moderate Unreviewed
CVE-2023-46172 was published Mar 7, 2024
JFrog Artifactory versions 7.59 and above, but below 7.59.18, 7.63.18, 7.68.19, 7.71.8 are... Critical Unreviewed
CVE-2023-42662 was published Mar 7, 2024
A vulnerability in Cisco Duo Authentication for Windows Logon and RDP could allow an... Moderate Unreviewed
CVE-2024-20301 was published Mar 6, 2024
Remote Code Execution by uploading a phar file using frontmatter Critical
CVE-2024-27923 was published for getgrav/grav (Composer) Mar 6, 2024
Universe1122
An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication... Moderate Unreviewed
CVE-2023-38372 was published Feb 29, 2024
Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID Critical
CVE-2024-25128 was published for Flask-AppBuilder (pip) Feb 28, 2024
parantheses dpgaspar
Improper access control vulnerability has been identified in the SMA100 SSL-VPN virtual office... Moderate Unreviewed
CVE-2024-22395 was published Feb 24, 2024
A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and... High Unreviewed
CVE-2024-1817 was published Feb 23, 2024
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a... Moderate Unreviewed
CVE-2023-52160 was published Feb 22, 2024
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)... High Unreviewed
CVE-2023-52161 was published Feb 22, 2024
Arbitrary Authentication Relay and Session Hijack vulnerabilities in the deprecated VMware... Critical Unreviewed
CVE-2024-22245 was published Feb 20, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an... High Unreviewed
CVE-2022-41738 was published Feb 17, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local... High Unreviewed
CVE-2022-41737 was published Feb 17, 2024
Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication... Critical Unreviewed
CVE-2024-20738 was published Feb 15, 2024
ProTip! Advisories are also available from the GraphQL API