GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,204
Composer 4,802
Erlang 36
GitHub Actions 29
Go 2,386
Maven 5,773
npm 4,016
NuGet 720
pip 3,811
Pub 12
RubyGems 930
Rust 988
Swift 38

Unreviewed advisories

All unreviewed 263,101

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

29 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A state machine transition flaw in the Bluetooth Low Energy (BLE) stack of Cypress PSoC4 v3.66... High Unreviewed

CVE-2025-44557 was published Jun 27, 2025

An Incorrect Implementation of Authentication Algorithm and Exposure of Data Element to Wrong Ses... Moderate Unreviewed

CVE-2024-8314 was published Mar 25, 2025

Windows NTLM V1 Elevation of Privilege Vulnerability Critical Unreviewed

CVE-2025-21311 was published Jan 14, 2025

Authentication bypass condition in LDAP authentication in M-Files server versions before 24.11... Critical Unreviewed

CVE-2024-10127 was published Nov 20, 2024

In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication... Moderate Unreviewed

CVE-2024-9999 was published Nov 12, 2024

Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against... Low Unreviewed

CVE-2024-36250 was published Nov 9, 2024

An authentication bypass vulnerability in GoAnywhere MFT prior to 7.6.0 allows Admin Users with... Moderate Unreviewed

CVE-2024-25157 was published Aug 14, 2024

In JetBrains TeamCity before 2024.07 an OAuth code for JetBrains Space could be stolen via Space... Low Unreviewed

CVE-2024-41829 was published Jul 22, 2024

Inappropriate implementation in Skia in Google Chrome prior to 115.0.5790.98 allowed a remote... Critical Unreviewed

CVE-2023-4860 was published Jul 17, 2024

In smp_proc_rand of smp_act.cc, there is a possible authentication bypass during legacy BLE... High Unreviewed

CVE-2024-34722 was published Jul 9, 2024

An authentication bypass vulnerability has been identified in the REST and SOAP API components of... Unknown Unreviewed

CVE-2024-4332 was published Jun 3, 2024

An authentication bypass vulnerability was present in the GitHub Enterprise Server (GHES) when... Critical Unreviewed

CVE-2024-4985 was published May 21, 2024

D-Link DIR-X3260 prog.cgi Incorrect Implementation of Authentication Algorithm Authentication... High Unreviewed

CVE-2023-44420 was published May 3, 2024

D-Link DIR-2150 HNAP Incorrect Implementation of Authentication Algorithm Authentication Bypass... High Unreviewed

CVE-2023-34282 was published May 3, 2024

D-Link DIR-2150 LoginPassword Incorrect Implementation of Authentication Algorithm Authentication... High Unreviewed

CVE-2023-34274 was published May 3, 2024

D-Link DIR-2640 HNAP LoginPassword Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2023-32152 was published May 3, 2024

D-Link DIR-2640 HNAP PrivateLogin Authentication Bypass Vulnerability. This vulnerability allows... Moderate Unreviewed

CVE-2023-32148 was published May 3, 2024

Windows Kerberos Elevation of Privilege Vulnerability High Unreviewed

CVE-2024-26248 was published Apr 9, 2024

An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers allow... High Unreviewed

CVE-2021-42146 was published Jan 24, 2024

Insufficient authentication flow in Checkmk before 2.2.0p17, 2.1.0p37 and 2.0.0p39 allows... High Unreviewed

CVE-2023-31211 was published Jan 12, 2024

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password... Moderate Unreviewed

CVE-2023-4641 was published Dec 27, 2023

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket... Critical Unreviewed

CVE-2023-3326 was published Jun 22, 2023

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3... Critical Unreviewed

CVE-2023-29129 was published Jun 13, 2023

An authentication bypass vulnerability exists in the Authentication functionality of Weston... High Unreviewed

CVE-2022-41985 was published May 10, 2023

This vulnerability allows network-adjacent attackers to disclose sensitive information on... Moderate Unreviewed

CVE-2022-43635 was published Mar 29, 2023

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

29 advisories