GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,138
Composer 4,333
Erlang 31
GitHub Actions 21
Go 2,094
Maven 5,263
npm 3,759
NuGet 678
pip 3,445
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,308

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

794 advisories

Filter by severity

Sort by

Least recently updated

It has been found that the Beta10 software does not provide for proper authorisation control in... Critical Unreviewed

CVE-2025-0637 was published Jan 23, 2025

An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication... Critical Unreviewed

CVE-2018-10561 was published May 14, 2022

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content... Critical Unreviewed

CVE-2024-12919 was published Jan 14, 2025

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28012 was published Mar 28, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28009 was published Mar 28, 2024

Improper authentication vulnerability in NEC Corporation Aterm WG1800HP4, WG1200HS3, WG1900HP2,... Critical Unreviewed

CVE-2024-28007 was published Mar 28, 2024

SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to... Critical Unreviewed

CVE-2025-0070 was published Jan 14, 2025

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote... Critical Unreviewed

CVE-2024-53704 was published Jan 9, 2025

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed

CVE-2023-33553 was published Jun 7, 2023

The PayU CommercePro Plugin plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed

CVE-2024-12264 was published Jan 7, 2025

Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method. Critical Unreviewed

CVE-2023-32220 was published Jun 12, 2023

Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this... Critical Unreviewed

CVE-2023-30762 was published Jun 13, 2023

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build... Critical Unreviewed

CVE-2017-7921 was published May 17, 2022

The Biagiotti Membership plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed

CVE-2024-12287 was published Dec 18, 2024

The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all... Critical Unreviewed

CVE-2024-11015 was published Dec 12, 2024

ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed

CVE-2024-11680 was published Nov 26, 2024

An authentication issue was addressed with improved state management. This issue is fixed in... Critical Unreviewed

CVE-2024-23255 was published Mar 8, 2024

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Critical Unreviewed

CVE-2019-16028 was published May 24, 2022

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An... Critical Unreviewed

CVE-2023-28461 was published Mar 16, 2023

An authentication bypass vulnerability has been identified in Pulpcore when deployed with... Critical Unreviewed

CVE-2024-7923 was published Sep 4, 2024

The web application uses a weak authentication mechanism to verify that a request is coming from... Critical Unreviewed

CVE-2024-45369 was published Nov 23, 2024

An authentication bypass vulnerability has been identified in Foreman when deployed with External... Critical Unreviewed

CVE-2024-7012 was published Sep 4, 2024

Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless... Critical Unreviewed

CVE-2024-50478 was published Oct 28, 2024

In WhatsUp Gold versions released before 2024.0.0, an Authentication Bypass issue exists which... Critical Unreviewed

CVE-2024-7763 was published Oct 24, 2024

An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An... Critical Unreviewed

CVE-2024-23629 was published Jan 26, 2024

Previous 1 2 3 4 5 … 31 32 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

794 advisories