Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,783
NuGet
683
pip
3,463
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

203 advisories

Loading
Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform... Critical Unreviewed
CVE-2024-52475 was published Nov 28, 2024
Certain models of routers from Billion Electric has an Authentication Bypass vulnerability,... High Unreviewed
CVE-2024-11981 was published Nov 29, 2024
An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server... High Unreviewed
CVE-2024-10490 was published Dec 2, 2024
IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access... Moderate Unreviewed
CVE-2024-25036 was published Dec 3, 2024
The Login With OTP plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed
CVE-2024-11178 was published Dec 6, 2024
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote... Critical Unreviewed
CVE-2024-11639 was published Dec 10, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in appgenixinfotech... Critical Unreviewed
CVE-2024-54294 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in InspireUI ListApp... Critical Unreviewed
CVE-2024-54295 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Codexpert, Inc CoSchool... Critical Unreviewed
CVE-2024-54296 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in www.vbsso.com vBSSO... Critical Unreviewed
CVE-2024-54297 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Projectopia Projectopia... High Unreviewed
CVE-2024-54336 was published Dec 13, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Wovax, LLC. Wovax IDX... High Unreviewed
CVE-2024-56013 was published Dec 16, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in Envato Security Team... Critical Unreviewed
CVE-2024-43234 was published Dec 16, 2024
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed
CVE-2024-11349 was published Dec 21, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By... Moderate Unreviewed
CVE-2024-51464 was published Dec 21, 2024
Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows... Critical Unreviewed
CVE-2024-56044 was published Dec 31, 2024
The Themes Coder – Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is... Critical Unreviewed
CVE-2024-12402 was published Jan 7, 2025
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed
CVE-2024-12847 was published Jan 10, 2025
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... Critical Unreviewed
CVE-2024-55591 was published Jan 14, 2025
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed
CVE-2025-24456 was published Jan 21, 2025
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed
CVE-2024-12857 was published Jan 22, 2025
TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc) Moderate
CVE-2025-24856 was published for causal/oidc (Composer) Jan 28, 2025
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated... Critical Unreviewed
CVE-2025-0364 was published Feb 4, 2025
Mitmweb API Authentication Bypass Using Proxy Server High
CVE-2025-23217 was published for mitmproxy (pip) Feb 6, 2025
gronke mhils
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2025-1061 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database