GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,212 advisories
Filter by severity
In WhatsUp Gold versions released before 2023.1.3, there is a missing authentication...
High
Unreviewed
CVE-2024-5012
was published
Jun 25, 2024
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to...
High
Unreviewed
CVE-2024-5806
was published
Jun 25, 2024
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an...
High
Unreviewed
CVE-2024-34103
was published
Jun 13, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-35248
was published
Jun 11, 2024
A vulnerability was found in Clash up to 0.20.1 on Windows. It has been declared as critical....
High
Unreviewed
CVE-2024-5732
was published
Jun 7, 2024
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing...
High
Unreviewed
CVE-2023-46630
was published
Jun 4, 2024
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects...
High
Unreviewed
CVE-2023-41956
was published
May 17, 2024
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows...
High
Unreviewed
CVE-2024-4129
was published
May 14, 2024
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly...
High
Unreviewed
CVE-2024-4303
was published
Apr 29, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9...
High
Unreviewed
CVE-2024-4024
was published
Apr 25, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing...
High
Unreviewed
CVE-2023-47504
was published
Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing...
High
Unreviewed
CVE-2023-51471
was published
Apr 24, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri...
High
Unreviewed
CVE-2024-25699
was published
Apr 4, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before...
High
Unreviewed
CVE-2024-2450
was published
Mar 15, 2024
Improper authentication vulnerability in OpenText™ Exceed Turbo X affecting versions 12.5.0 and...
High
Unreviewed
CVE-2023-38534
was published
Mar 14, 2024
Windows Kerberos Security Feature Bypass Vulnerability
High
Unreviewed
CVE-2024-21427
was published
Mar 12, 2024
Microsoft Authenticator Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-21390
was published
Mar 12, 2024
An improper authentication vulnerability [CWE-287] in FortiOS versions 7.4.1 and below, versions...
High
Unreviewed
CVE-2023-46717
was published
Mar 12, 2024
A vulnerability has been found in Demososo DM Enterprise Website Building System up to 2022.8 and...
High
Unreviewed
CVE-2024-1817
was published
Feb 23, 2024
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD)...
High
Unreviewed
CVE-2023-52161
was published
Feb 22, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 -through 5.1.7.0 could allow an...
High
Unreviewed
CVE-2022-41738
was published
Feb 17, 2024
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow a local...
High
Unreviewed
CVE-2022-41737
was published
Feb 17, 2024
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering
of...
High
Unreviewed
CVE-2024-0568
was published
Feb 14, 2024
A vulnerability has been identified in Polarion ALM (All versions). The REST API endpoints of...
High
Unreviewed
CVE-2024-23813
was published
Feb 13, 2024
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username...
High
Unreviewed
CVE-2024-25313
was published
Feb 9, 2024
ProTip!
Advisories are also available from the
GraphQL API