GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,216
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,288
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,581

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,043 advisories

Filter by severity

Sort by

Least recently updated

If LDAP settings are accessed, authentication could be redirected to another server, potentially... Moderate Unreviewed

CVE-2024-12510 was published Feb 3, 2025

Improper Authentication vulnerability in Drupal Login Disable allows Exploiting Incorrectly... Moderate Unreviewed

CVE-2024-13309 was published Jan 9, 2025

Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or... Moderate Unreviewed

CVE-2020-3952 was published May 24, 2022

API Security bypass through header manipulation Moderate Unreviewed

CVE-2024-55925 was published Jan 23, 2025

An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to... Moderate Unreviewed

CVE-2023-28325 was published May 12, 2023

** DISPUTED ** lib/crypto/c_src/crypto_drv.c in erlang does not properly check the return value... Moderate Unreviewed

CVE-2009-0130 was published May 2, 2022

Mevin Productions Basic PHP Events Lister 2.0 does not properly restrict access to (1) admin... Moderate Unreviewed

CVE-2009-3168 was published May 2, 2022

Vulnerability of improper authentication in the ANS system service module Impact: Successful... Moderate Unreviewed

CVE-2023-52955 was published Jan 8, 2025

HCL MyXalytics is affected by broken authentication. It allows attackers to compromise keys,... Moderate Unreviewed

CVE-2024-42172 was published Jan 11, 2025

A user with administrator privileges is able to retrieve authentication tokens Moderate Unreviewed

CVE-2024-9133 was published Jan 11, 2025

Instruction authentication bypass vulnerability in the Findnetwork module Impact: Successful... Moderate Unreviewed

CVE-2024-56445 was published Jan 8, 2025

A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan... Moderate Unreviewed

CVE-2024-13111 was published Jan 2, 2025

CWE-287: Improper Authentication vulnerability exists that could cause Denial of access to the... Moderate Unreviewed

CVE-2024-10511 was published Dec 11, 2024

An improper authentication vulnerability has been reported to affect several QNAP operating... Moderate Unreviewed

CVE-2024-48859 was published Dec 6, 2024

A vulnerability was found in Quay, which allows successful authentication even when a truncated... Moderate Unreviewed

CVE-2024-9683 was published Oct 17, 2024

A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software,... Moderate Unreviewed

CVE-2019-1980 was published May 24, 2022

Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager... Moderate Unreviewed

CVE-2024-11671 was published Nov 25, 2024

IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead... Moderate Unreviewed

CVE-2022-33862 was published Nov 25, 2024

A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC,... Moderate Unreviewed

CVE-2021-22764 was published May 24, 2022

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed

CVE-2023-40660 was published Nov 6, 2023

A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an... Moderate Unreviewed

CVE-2024-11209 was published Nov 14, 2024

A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed

CVE-2024-10963 was published Nov 7, 2024

A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-10620 was published Nov 1, 2024

Authentication Bypass in GNCC's GC2 Indoor Security Camera 1080P allows an attacker with physical... Moderate Unreviewed

CVE-2024-31800 was published Aug 15, 2024

A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this... Moderate Unreviewed

CVE-2024-10173 was published Oct 20, 2024

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,043 advisories