Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,156 advisories

Loading
A vulnerability in the protocol detection component of Cisco Firepower Threat Defense Software,... Moderate Unreviewed
CVE-2019-1980 was published May 24, 2022
A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower... High Unreviewed
CVE-2020-3410 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC)... Critical Unreviewed
CVE-2019-16028 was published May 24, 2022
Cisco Firepower Management Center 6.0.1 has hardcoded database credentials, which allows local... High Unreviewed
CVE-2016-6434 was published May 17, 2022
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability.... Critical Unreviewed
CVE-2024-11680 was published Nov 26, 2024
Initial xbl_sec revision does not have all the debug policy features and critical checks. High Unreviewed
CVE-2016-10394 was published Nov 26, 2024
An image with a version lower than the fuse version may potentially be booted lead to improper... High Unreviewed
CVE-2018-11952 was published Nov 26, 2024
Improper authentication in SQL data source MFA validation in Devolutions Remote Desktop Manager... Moderate Unreviewed
CVE-2024-11671 was published Nov 25, 2024
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An... Critical Unreviewed
CVE-2023-28461 was published Mar 16, 2023
IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could lead... Moderate Unreviewed
CVE-2022-33862 was published Nov 25, 2024
An authentication bypass vulnerability has been identified in Pulpcore when deployed with... Critical Unreviewed
CVE-2024-7923 was published Sep 4, 2024
A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC,... Moderate Unreviewed
CVE-2021-22764 was published May 24, 2022
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed
CVE-2023-40660 was published Nov 6, 2023
The web application uses a weak authentication mechanism to verify that a request is coming from... Critical Unreviewed
CVE-2024-45369 was published Nov 23, 2024
Wyze Cam v3 Cloud Infrastructure Improper Authentication Remote Code Execution Vulnerability.... High Unreviewed
CVE-2024-6248 was published Nov 22, 2024
**UNSUPPORTED WHEN ASSIGNED** The improper authentication vulnerability in the Zyxel P-6101C ADSL... High Unreviewed
CVE-2024-11494 was published Nov 20, 2024
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT'... High Unreviewed
CVE-2020-12627 was published May 24, 2022
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server... High Unreviewed
CVE-2023-22644 was published Sep 20, 2023
A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an... Moderate Unreviewed
CVE-2024-11209 was published Nov 14, 2024
Windows Task Scheduler Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49039 was published Nov 12, 2024
A vulnerability was found in pam_access due to the improper handling of tokens in access.conf,... Moderate Unreviewed
CVE-2024-10963 was published Nov 7, 2024
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress... High Unreviewed
CVE-2024-9946 was published Nov 6, 2024
The Heateor Social Login WordPress plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed
CVE-2024-10020 was published Nov 6, 2024
An authentication bypass vulnerability has been identified in Foreman when deployed with External... Critical Unreviewed
CVE-2024-7012 was published Sep 4, 2024
Waybox Enel X web management API authentication could be bypassed and provide administrator’s... High Unreviewed
CVE-2023-29117 was published Nov 5, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database