GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
24 advisories
Filter by severity
Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11...
Critical
Unreviewed
CVE-2024-10127
was published
Nov 20, 2024
Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against...
Low
Unreviewed
CVE-2024-36250
was published
Nov 9, 2024
In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication...
Moderate
Unreviewed
CVE-2024-9999
was published
Nov 12, 2024
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows...
Moderate
Unreviewed
CVE-2022-4861
was published
Dec 30, 2022
Insufficient authentication flow in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows...
High
Unreviewed
CVE-2023-31211
was published
Jan 12, 2024
An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with...
Moderate
Unreviewed
CVE-2024-25157
was published
Aug 14, 2024
In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space...
Low
Unreviewed
CVE-2024-41829
was published
Jul 22, 2024
Inappropriate implementation in Skia in Google Chrome prior to 115.0.5790.98 allowed a remote...
Critical
Unreviewed
CVE-2023-4860
was published
Jul 17, 2024
In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE...
High
Unreviewed
CVE-2024-34722
was published
Jul 9, 2024
An authentication bypass vulnerability has been identified in the REST and SOAP API components of...
Unknown
Unreviewed
CVE-2024-4332
was published
Jun 3, 2024
An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when...
Critical
Unreviewed
CVE-2024-4985
was published
May 21, 2024
A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password...
Moderate
Unreviewed
CVE-2023-4641
was published
Dec 27, 2023
D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication...
High
Unreviewed
CVE-2023-44420
was published
May 3, 2024
D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows...
Moderate
Unreviewed
CVE-2023-32148
was published
May 3, 2024
D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows...
Moderate
Unreviewed
CVE-2023-32152
was published
May 3, 2024
D-Link DIR-2150 LoginPassword Incorrect Implementation of Authentication Algorithm Authentication...
High
Unreviewed
CVE-2023-34274
was published
May 3, 2024
D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass...
High
Unreviewed
CVE-2023-34282
was published
May 3, 2024
Windows Kerberos Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-26248
was published
Apr 9, 2024
pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket...
Critical
Unreviewed
CVE-2023-3326
was published
Jun 22, 2023
A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3...
Critical
Unreviewed
CVE-2023-29129
was published
Jun 13, 2023
An authentication bypass vulnerability exists in the Authentication functionality of Weston...
High
Unreviewed
CVE-2022-41985
was published
May 10, 2023
A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624),...
High
Unreviewed
CVE-2022-33736
was published
Jul 13, 2022
This vulnerability allows network-adjacent attackers to disclose sensitive information on...
Moderate
Unreviewed
CVE-2022-43635
was published
Mar 29, 2023
A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All Versions >= 1.16.4 ...
Critical
Unreviewed
CVE-2023-25957
was published
Mar 14, 2023
ProTip!
Advisories are also available from the
GraphQL API