Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

795 advisories

Loading
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and... Critical Unreviewed
CVE-2021-44077 was published Nov 30, 2021
Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass... Critical Unreviewed
CVE-2021-22893 was published May 24, 2022
**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legacy... Critical Unreviewed
CVE-2025-0890 was published Feb 4, 2025
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API... Critical Unreviewed
CVE-2021-40539 was published May 24, 2022
Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products... Critical Unreviewed
CVE-2023-27388 was published May 23, 2023
OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password... Critical Unreviewed
CVE-2022-35898 was published May 1, 2023
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP... Critical Unreviewed
CVE-2022-37042 was published Aug 13, 2022
An authentication bypass in Optoma 1080PSTX C02 allows an attacker to access the administration... Critical Unreviewed
CVE-2023-27823 was published May 12, 2023
The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows... Critical Unreviewed
CVE-2021-32030 was published May 24, 2022
It has been found that the Beta10 software does not provide for proper authorisation control in... Critical Unreviewed
CVE-2025-0637 was published Jan 23, 2025
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication... Critical Unreviewed
CVE-2018-10561 was published May 14, 2022
The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content... Critical Unreviewed
CVE-2024-12919 was published Jan 14, 2025
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed
CVE-2024-28012 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed
CVE-2024-28009 was published Mar 28, 2024
Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed
CVE-2024-28007 was published Mar 28, 2024
SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to... Critical Unreviewed
CVE-2025-0070 was published Jan 14, 2025
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote... Critical Unreviewed
CVE-2024-53704 was published Jan 9, 2025
An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed
CVE-2023-33553 was published Jun 7, 2023
The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed
CVE-2024-12264 was published Jan 7, 2025
Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method. Critical Unreviewed
CVE-2023-32220 was published Jun 12, 2023
Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this... Critical Unreviewed
CVE-2023-30762 was published Jun 13, 2023
An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build... Critical Unreviewed
CVE-2017-7921 was published May 17, 2022
The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed
CVE-2024-12287 was published Dec 18, 2024
The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed
CVE-2024-11015 was published Dec 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database