GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
311 advisories
Filter by severity
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated...
Critical
Unreviewed
CVE-2024-0012
was published
Nov 18, 2024
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server...
Critical
Unreviewed
CVE-2023-42793
was published
Sep 19, 2023
Certain modes of in-vehicle routers from Billion Electric have a Missing Authentication...
Critical
Unreviewed
CVE-2024-11980
was published
Nov 29, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an...
Critical
Unreviewed
CVE-2024-5910
was published
Jul 10, 2024
STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and...
Critical
Unreviewed
CVE-2023-35830
was published
Jun 29, 2023
Missing Authentication for Critical Function vulnerability in OpenText™ AccuRev for LDAP...
Critical
Unreviewed
CVE-2019-17082
was published
Nov 26, 2024
Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access...
Critical
Unreviewed
CVE-2024-40404
was published
Nov 14, 2024
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An...
Critical
Unreviewed
CVE-2023-28461
was published
Mar 16, 2023
The administrative interface listens by default on all interfaces on a TCP port and does not...
Critical
Unreviewed
CVE-2024-47138
was published
Nov 23, 2024
A missing authentication for critical function vulnerability has been reported to affect Notes...
Critical
Unreviewed
CVE-2024-38643
was published
Nov 22, 2024
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to...
Critical
Unreviewed
CVE-2024-10924
was published
Nov 15, 2024
The software tools used by service personnel to test & calibrate the ventilator do not support...
Critical
Unreviewed
CVE-2024-48966
was published
Nov 15, 2024
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation...
Critical
Unreviewed
CVE-2023-4699
was published
Nov 6, 2023
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows...
Critical
Unreviewed
CVE-2024-51567
was published
Oct 30, 2024
Improper access control in PAM vault permissions in Devolutions Server 2024.1.6 and earlier...
Critical
Unreviewed
CVE-2024-2921
was published
Mar 26, 2024
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an...
Critical
Unreviewed
CVE-2024-47406
was published
Oct 25, 2024
In ILIAS through 7.10, lack of verification when changing an email address (on the Profile Page)...
Critical
Unreviewed
CVE-2022-31266
was published
Jun 30, 2022
Authentication Bypass Using an Alternate Path or Channel vulnerability in Stacks Stacks Mobile...
Critical
Unreviewed
CVE-2024-50477
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Realty Workstation...
Critical
Unreviewed
CVE-2024-50489
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in MaanTheme MaanStore API...
Critical
Unreviewed
CVE-2024-50487
was published
Oct 28, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Acnoo Acnoo Flutter API...
Critical
Unreviewed
CVE-2024-50486
was published
Oct 28, 2024
An issue was discovered in Atos Eviden iCare 2.7.1 through 2.7.11. The application exposes a web...
Critical
Unreviewed
CVE-2024-42017
was published
Sep 30, 2024
JTEKT TOYOPUC PLCs through 2022-04-29 mishandle authentication. They utilize the CMPLink/TCP...
Critical
Unreviewed
CVE-2022-29951
was published
Jul 27, 2022
CVE-2024-10386 IMPACT
An authentication
vulnerability exists in the affected product. The...
Critical
Unreviewed
CVE-2024-10386
was published
Oct 25, 2024
An issue in Casa Systems NTC-221 version 2.0.99.0 and before allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-26519
was published
Oct 23, 2024
ProTip!
Advisories are also available from the
GraphQL API