GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
An issue discovered in Dronetag Drone Scanner 1.5.2 allows attackers to impersonate other drones...
High
Unreviewed
CVE-2024-22520
was published
Feb 7, 2024
An issue discovered in OpenDroneID OSM 3.5.1 allows attackers to impersonate other drones via...
High
Unreviewed
CVE-2024-22519
was published
Feb 7, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High
Unreviewed
CVE-2023-44117
was published
Jan 16, 2024
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful...
High
Unreviewed
CVE-2023-4566
was published
Jan 16, 2024
An issue was discovered in Network Optix NxCloud before 23.1.0.40440. It was possible to add a...
High
Unreviewed
CVE-2023-6263
was published
Nov 22, 2023
Authentication bypass vulnerability, the exploitation of which could allow a local attacker to...
High
Unreviewed
CVE-2023-3103
was published
Nov 22, 2023
This user-activity-log-pro WordPress plugin before 2.3.4 retrieves client IP addresses from...
High
Unreviewed
CVE-2023-5133
was published
Oct 16, 2023
This User Activity Log WordPress plugin before 1.6.7 retrieves client IP addresses from...
High
Unreviewed
CVE-2023-4279
was published
Sep 4, 2023
AMI SPx contains a vulnerability in BMC where a User may cause an authentication bypass by...
High
Unreviewed
CVE-2023-34329
was published
Jul 18, 2023
A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate...
High
Unreviewed
CVE-2022-32747
was published
Jul 6, 2023
passport-wsfed-saml2 vulnerable to Signature Bypass in SAML2 token
High
CVE-2017-16897
was published
for
passport-wsfed-saml2
(npm)
Jun 21, 2023
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were...
High
Unreviewed
CVE-2022-36331
was published
Jun 12, 2023
A missing delay in popup notifications could have made it possible for an attacker to trick a...
High
Unreviewed
CVE-2023-32207
was published
Jun 2, 2023
A lack of in app notification for entering fullscreen mode could have lead to a malicious website...
High
Unreviewed
CVE-2023-25743
was published
Jun 2, 2023
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept...
High
Unreviewed
CVE-2022-47522
was published
Apr 15, 2023
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to...
High
Unreviewed
CVE-2022-4550
was published
Feb 27, 2023
Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series...
High
Unreviewed
CVE-2022-40269
was published
Feb 2, 2023
Parse Server option `masterKeyIps` vulnerability to IP spoofing
High
CVE-2023-22474
was published
for
parse-server
(npm)
Jan 31, 2023
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP...
High
Unreviewed
CVE-2022-4303
was published
Jan 23, 2023
The FluentAuth WordPress plugin before 1.0.2 prioritizes getting a visitor's IP address from...
High
Unreviewed
CVE-2022-4746
was published
Jan 23, 2023
Microsoft Outlook for Mac Spoofing Vulnerability.
High
Unreviewed
CVE-2022-44713
was published
Dec 13, 2022
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass...
High
Unreviewed
CVE-2022-4098
was published
Dec 13, 2022
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's...
High
Unreviewed
CVE-2021-45036
was published
Nov 28, 2022
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing...
High
Unreviewed
CVE-2022-42983
was published
Oct 17, 2022
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows...
High
Unreviewed
CVE-2022-0030
was published
Oct 12, 2022
ProTip!
Advisories are also available from the
GraphQL API