GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,166
Composer 4,339
Erlang 31
GitHub Actions 22
Go 2,099
Maven 5,271
npm 3,763
NuGet 678
pip 3,448
Pub 12
RubyGems 892
Rust 883
Swift 37

Unreviewed advisories

All unreviewed 242,855

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

196 advisories

Filter by severity

Sort by

Least recently updated

TYPO3-EXT-SA-2025-001: Account Takeover in extension "OpenID Connect Authentication" (oidc) Moderate

CVE-2025-24856 was published for causal/oidc (Composer) Jan 28, 2025

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed

CVE-2024-12857 was published Jan 22, 2025

In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed

CVE-2025-24456 was published Jan 21, 2025

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... Critical Unreviewed

CVE-2024-55591 was published Jan 14, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed

CVE-2024-12847 was published Jan 10, 2025

The Themes Coder – Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is... Critical Unreviewed

CVE-2024-12402 was published Jan 7, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows... Critical Unreviewed

CVE-2024-56044 was published Dec 31, 2024

IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By... Moderate Unreviewed

CVE-2024-51464 was published Dec 21, 2024

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed

CVE-2024-11349 was published Dec 21, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Envato Security Team... Critical Unreviewed

CVE-2024-43234 was published Dec 16, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Wovax, LLC. Wovax IDX... High Unreviewed

CVE-2024-56013 was published Dec 16, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Projectopia Projectopia... High Unreviewed

CVE-2024-54336 was published Dec 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Codexpert, Inc CoSchool... Critical Unreviewed

CVE-2024-54296 was published Dec 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in www.vbsso.com vBSSO... Critical Unreviewed

CVE-2024-54297 was published Dec 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in InspireUI ListApp... Critical Unreviewed

CVE-2024-54295 was published Dec 13, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in appgenixinfotech... Critical Unreviewed

CVE-2024-54294 was published Dec 13, 2024

An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11639 was published Dec 10, 2024

The Login With OTP plugin for WordPress is vulnerable to authentication bypass in versions up to,... High Unreviewed

CVE-2024-11178 was published Dec 6, 2024

IBM Cognos Controller 11.0.0 and 11.0.1 could allow an authenticated user with local access... Moderate Unreviewed

CVE-2024-25036 was published Dec 3, 2024

An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server... High Unreviewed

CVE-2024-10490 was published Dec 2, 2024

Certain models of routers from Billion Electric has an Authentication Bypass vulnerability,... High Unreviewed

CVE-2024-11981 was published Nov 29, 2024

Authentication Bypass Using an Alternate Path or Channel vulnerability in Automation Web Platform... Critical Unreviewed

CVE-2024-52475 was published Nov 28, 2024

The JobSearch WP Job Board plugin for WordPress is vulnerable to privilege escalation in all... Critical Unreviewed

CVE-2024-11925 was published Nov 28, 2024

"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. ... Critical Unreviewed

CVE-2024-33610 was published Nov 26, 2024

The Social Login plugin for WordPress is vulnerable to authentication bypass in all versions up... Critical Unreviewed

CVE-2024-10961 was published Nov 23, 2024

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

196 advisories