Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
38
Go
2,752
Maven
5,000+
npm
4,357
NuGet
765
pip
4,121
Pub
12
RubyGems
961
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

35 advisories

Loading
An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature... Critical Unreviewed
CVE-2023-27536 was published Mar 30, 2023
Froxlor is vulnerable to authentication bypass Critical
CVE-2023-1307 was published for froxlor/froxlor (Composer) Mar 10, 2023
Authentication Bypass in modoboa Critical
CVE-2023-0777 was published for modoboa (pip) Feb 10, 2023
golang-nanoauth authentication bypass vulnerability Critical
CVE-2020-36569 was published for github.com/nanobox-io/golang-nanoauth (Go) Dec 28, 2022
andrewpollock
Credited to andrewpollock
Authentication Bypass by Primary Weakness in GitHub repository kareadita/kavita prior to 0.6.0.3. Critical Unreviewed
CVE-2022-3993 was published Nov 14, 2022
Authentication Bypass by Primary Weakness in GitHub repository bookwyrm-social/bookwyrm prior to... Critical Unreviewed
CVE-2022-2651 was published Aug 5, 2022
A vulnerability in MEPSAN's USC+ before version 3.0 has a weakness in login function which lets... Critical Unreviewed
CVE-2021-45031 was published Mar 31, 2022
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication... Critical Unreviewed
CVE-2022-0547 was published Mar 19, 2022
Authentication Bypass in ADOdb/ADOdb Critical
CVE-2021-3850 was published for adodb/adodb-php (Composer) Jan 27, 2022
meme-lord dregad
Credited to meme-lord and dregad
Authentication Bypass by CSRF Weakness Critical
GHSA-5629-8855-gf4g was published for solidus_core (RubyGems) Nov 18, 2021
oliverchang
Credited to oliverchang
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database