Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,412 advisories

Loading
Magento Open Source Improper Authentication vulnerability High
CVE-2024-34103 was published for magento/community-edition (Composer) Jun 13, 2024
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-35248 was published Jun 11, 2024
fprintd through 1.94.3 lacks a security attention mechanism, and thus unexpected actions might be... High Unreviewed
CVE-2024-37408 was published Jun 8, 2024
ZendOpenID potential security issue in login mechanism High
GHSA-3x57-m5p4-rgh4 was published for zendframework/zendopenid (Composer) Jun 7, 2024
Zendframework potential security issue in login mechanism High
GHSA-9v78-h226-2rmq was published for zendframework/zendframework1 (Composer) Jun 7, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-c5mj-39cf-3pp5 was published for typo3/cms (Composer) Jun 7, 2024
A vulnerability was found in Clash up to 0.20.1 on Windows. It has been declared as critical.... High Unreviewed
CVE-2024-5732 was published Jun 7, 2024
Improper Authentication vulnerability in wpase Admin and Site Enhancements (ASE) allows Accessing... High Unreviewed
CVE-2023-46630 was published Jun 4, 2024
TYPO3 Security Misconfiguration for Backend User Accounts High
GHSA-rxc9-f2x6-qh4w was published for typo3/cms-core (Composer) May 30, 2024
TYPO3 CMS Authentication Bypass vulnerability High
GHSA-x4rj-f7m6-42c3 was published for typo3/cms-core (Composer) May 30, 2024
Thelia authentication bypass vulnerability High
GHSA-g8pg-33v4-9r96 was published for thelia/thelia (Composer) May 30, 2024
scheb/two-factor-bundle bypass two-factor authentication with remember-me option High
GHSA-9phw-7h96-q3rv was published for scheb/two-factor-bundle (Composer) May 21, 2024
scheb/two-factor-bundle bypass two-factor authentication with unverified JWT trusted device token High
GHSA-h6mp-mc7g-mg49 was published for scheb/two-factor-bundle (Composer) May 21, 2024
Improper Authentication vulnerability in smp7, wp.Insider Simple Membership.This issue affects... High Unreviewed
CVE-2023-41956 was published May 17, 2024
Improper Authentication vulnerability in Snow Software AB Snow License Manager on Windows allows... High Unreviewed
CVE-2024-4129 was published May 14, 2024
Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its... High Unreviewed
CVE-2020-18305 was published May 14, 2024
ReCrystallize Server 5.10.0.0 uses a authorization mechanism that relies on the value of a cookie... High Unreviewed
CVE-2024-26331 was published Apr 30, 2024
ArmorX Android APP's multi-factor authentication (MFA) for the login function is not properly... High Unreviewed
CVE-2024-4303 was published Apr 29, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9... High Unreviewed
CVE-2024-4024 was published Apr 25, 2024
Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing... High Unreviewed
CVE-2023-47504 was published Apr 24, 2024
Improper Authentication vulnerability in Mestres do WP Checkout Mestres WP allows Accessing... High Unreviewed
CVE-2023-51471 was published Apr 24, 2024
There is a difficult to exploit improper authentication issue in the Home application for Esri... High Unreviewed
CVE-2024-25699 was published Apr 4, 2024
An incorrect access control issue in Unit4 Financials by Coda v.2023Q4 allows a remote attacker... High Unreviewed
CVE-2024-28735 was published Mar 20, 2024
Erroneous authentication pass in Spring Security High
CVE-2024-22257 was published for org.springframework.security:spring-security-core (Maven) Mar 18, 2024
Mattermost versions 8.1.x before 8.1.10, 9.2.x before 9.2.6, 9.3.x before 9.3.2, and 9.4.x before... High Unreviewed
CVE-2024-2450 was published Mar 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database