Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,414 advisories

Loading
platform_callback_stub in misc subsystem within OpenHarmony-v3.0.5 and prior versions has an... High Unreviewed
CVE-2023-0036 was published Jan 9, 2023
softbus_client_stub in communication subsystem within OpenHarmony-v3.0.5 and prior versions has... High Unreviewed
CVE-2023-0035 was published Jan 9, 2023
A vulnerability that allows a user who has been assigned a low-privileged role within Veeam... High Unreviewed
CVE-2024-40713 was published Sep 7, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-38225 was published Sep 10, 2024
Sensitive information disclosure and manipulation due to improper authentication. The following... High Unreviewed
CVE-2023-45246 was published Oct 6, 2023
SaToken authentication bypass vulnerability High
CVE-2023-43961 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication... High Unreviewed
CVE-2024-45113 was published Sep 13, 2024
botframework-connector vulnerable to Improper Authentication High
GHSA-cqff-fx2x-p86v was published for botframework-connector (pip) Mar 8, 2021
CrateDB authentication bypass vulnerability High
CVE-2023-51982 was published for crate (Maven) Jan 30, 2024
Tu0Laj1
HashiCorp Vault Authentication bypass High
CVE-2020-16251 was published for github.com/hashicorp/vault (Go) Jan 31, 2024
andrewpollock
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's... High Unreviewed
CVE-2021-45036 was published Nov 28, 2022
Improper Authentication in django-mfa3 High
CVE-2022-24857 was published for django-mfa3 (pip) Apr 22, 2022
stefanw
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2023-21841 was published Jan 18, 2023
Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA... High Unreviewed
CVE-2024-41929 was published Sep 18, 2024
Mautic vulnerable to Improper Access Control in UI upgrade process High
CVE-2022-25768 was published for mautic/core (Composer) Sep 18, 2024
mollux escopecz
patrykgruszka
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310... High Unreviewed
CVE-2023-42771 was published Oct 3, 2023
Potential bypass of an upstream access control based on URL paths in Django High
CVE-2021-44420 was published for Django (pip) Dec 9, 2021
Improper Authentication in Flask-AppBuilder High
CVE-2021-41265 was published for Flask-AppBuilder (pip) Dec 9, 2021
Flower OAuth authentication bypass High
CVE-2022-30034 was published for flower (pip) Jun 3, 2022
tprynn
Improper Authentication in FreeTAKServer High
CVE-2022-25508 was published for FreeTAKServer (pip) Mar 12, 2022
Securepoint UTM before 12.6.5 mishandles OTP codes. High Unreviewed
CVE-2024-39340 was published Jul 12, 2024
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in... High Unreviewed
CVE-2023-27377 was published Oct 25, 2023
An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN... High Unreviewed
CVE-2024-45750 was published Sep 25, 2024
SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7... High Unreviewed
CVE-2023-35874 was published Jul 11, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database