GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
249 advisories
Filter by severity
Zendesk before 2024-07-02 allows remote attackers to read ticket history via e-mail spoofing,...
High
Unreviewed
CVE-2024-49193
was published
Oct 12, 2024
Mellium allows Authentication Bypass by Spoofing
Critical
CVE-2024-46957
was published
for
mellium.im/xmpp
(Go)
Sep 25, 2024
Authentication Bypass by Spoofing vulnerability in Peter Hardy-vanDoorn Maintenance Redirect...
Low
Unreviewed
CVE-2024-45453
was published
Sep 23, 2024
CoreDNS Cache Poisoning via a birthday attack
Low
CVE-2023-30464
was published
for
github.com/coredns/coredns
(Go)
Sep 18, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7...
Critical
Unreviewed
CVE-2024-6678
was published
Sep 12, 2024
An incorrectly implemented authentication scheme that is subjected to a spoofing attack in the...
High
Unreviewed
CVE-2024-44104
was published
Sep 10, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor...
Moderate
Unreviewed
CVE-2024-7745
was published
Aug 28, 2024
Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting...
Moderate
Unreviewed
CVE-2024-35539
was published
Aug 19, 2024
Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows...
Moderate
Unreviewed
CVE-2024-35538
was published
Aug 19, 2024
An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue...
Moderate
Unreviewed
CVE-2024-41432
was published
Aug 7, 2024
Apache SeaTunnel Web Authentication vulnerability
High
CVE-2023-48396
was published
for
org.apache.seatunnel:seatunnel-web
(Maven)
Jul 30, 2024
The CloudStack SAML authentication (disabled by default) does not enforce signature check. In...
High
Unreviewed
CVE-2024-41107
was published
Jul 19, 2024
PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured...
High
Unreviewed
CVE-2023-40702
was published
Jul 9, 2024
PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA...
High
Unreviewed
CVE-2023-40356
was published
Jul 9, 2024
Authentication Bypass by Spoofing vulnerability in Patreon Patreon WordPress allows Functionality...
Moderate
Unreviewed
CVE-2024-37430
was published
Jul 9, 2024
Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39...
Moderate
Unreviewed
CVE-2024-6163
was published
Jul 8, 2024
Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry...
Critical
Unreviewed
CVE-2024-37082
was published
Jul 3, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-30058
was published
Jun 13, 2024
A low severity vulnerability in BIPS has been identified where an attacker with high privileges...
Low
Unreviewed
CVE-2024-5812
was published
Jun 11, 2024
Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode...
Low
Unreviewed
CVE-2024-35749
was published
Jun 10, 2024
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can...
High
Unreviewed
CVE-2024-5037
was published
Jun 5, 2024
Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing...
Moderate
Unreviewed
CVE-2023-52176
was published
Jun 4, 2024
Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System...
Moderate
Unreviewed
CVE-2023-51667
was published
Jun 4, 2024
Authentication Bypass by Spoofing vulnerability in Metagauss RegistrationMagic allows Accessing...
Moderate
Unreviewed
CVE-2023-51543
was published
Jun 4, 2024
Authentication Bypass by Spoofing vulnerability in WPMU DEV Branda allows Accessing Functionality...
Moderate
Unreviewed
CVE-2023-51542
was published
Jun 4, 2024
ProTip!
Advisories are also available from the
GraphQL API