Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,347
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,768
NuGet
680
pip
3,457
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

198 advisories

Loading
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed
CVE-2023-42793 was published Sep 19, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas... Critical Unreviewed
CVE-2023-4702 was published Sep 14, 2023
A remote authentication bypass issue exists in some OneView APIs. Critical Unreviewed
CVE-2023-30909 was published Sep 14, 2023
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1... Critical Unreviewed
CVE-2023-41256 was published Sep 11, 2023
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed
CVE-2023-20269 was published Sep 6, 2023
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-3162 was published Aug 31, 2023
The use of `Module._load()` can bypass the policy mechanism and require modules outside of the... Critical Unreviewed
CVE-2023-32002 was published Aug 21, 2023
** UNSUPPORTED WHEN ASSIGNED ** Authentication Bypass vulnerability in D-Link DIR-895 FW102b07... Critical Unreviewed
CVE-2023-36091 was published Jul 31, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to... Critical Unreviewed
CVE-2023-34335 was published Jul 6, 2023
The iBoot device’s basic discovery protocol assists in initial device configuration. The... High Unreviewed
CVE-2022-47320 was published Jul 6, 2023
The Web3 – Crypto wallet Login & NFT token gating plugin for WordPress is vulnerable to... Critical Unreviewed
CVE-2023-3249 was published Jun 30, 2023
The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2834 was published Jun 30, 2023
A security defect was identified in Foundry Issues. If a user was added to an issue on a resource... Moderate Unreviewed
CVE-2023-30946 was published Jun 29, 2023
The WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin for WordPress... Critical Unreviewed
CVE-2023-2982 was published Jun 29, 2023
The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-2986 was published Jun 8, 2023
The Better Search plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up... Moderate Unreviewed
CVE-2021-4373 was published Jun 7, 2023
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2020-36724 was published Jun 7, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2020-36713 was published Jun 7, 2023
The WP User Switch plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed
CVE-2023-2546 was published Jun 6, 2023
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-2781 was published Jun 3, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass... Moderate Unreviewed
CVE-2022-36249 was published May 30, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2733 was published May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2732 was published May 25, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2023-2734 was published May 25, 2023
A proprietary protocol for iBoot devices is used for control and keepalive commands. The function... High Unreviewed
CVE-2022-47311 was published May 23, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database