Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,124
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

185 advisories

Loading
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... High Unreviewed
CVE-2025-24472 was published Feb 11, 2025
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... High Unreviewed
CVE-2024-6635 was published Jul 20, 2024
The WP Foodbakery plugin for WordPress is vulnerable to privilege escalation via account takeover... Critical Unreviewed
CVE-2025-0181 was published Feb 11, 2025
The WP Directorybox Manager plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2025-0316 was published Feb 9, 2025
The WooCommerce - Social Login plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2024-7503 was published Aug 12, 2024
The Nextend Social Login Pro plugin for WordPress is vulnerable to authentication bypass in... Critical Unreviewed
CVE-2025-1061 was published Feb 7, 2025
Multiple Elber products are affected by an authentication bypass vulnerability which allows... Critical Unreviewed
CVE-2025-0674 was published Feb 7, 2025
In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary... High Unreviewed
CVE-2023-21098 was published Apr 19, 2023
BigAntSoft BigAnt Server, up to and including version 5.6.06, is vulnerable to unauthenticated... Critical Unreviewed
CVE-2025-0364 was published Feb 4, 2025
In JetBrains Hub before 2024.3.55417 privilege escalation was possible via LDAP authentication... Moderate Unreviewed
CVE-2025-24456 was published Jan 21, 2025
The CE21 Suite plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2024-10284 was published Nov 9, 2024
The Miniorange OTP Verification with Firebase plugin for WordPress is vulnerable to... High Unreviewed
CVE-2024-9861 was published Oct 17, 2024
Undisclosed requests may bypass configuration utility authentication, allowing an attacker... Critical Unreviewed
CVE-2023-46747 was published Oct 26, 2023
The web server of affected devices do not properly authenticate user request to the '/ClientArea... Moderate Unreviewed
CVE-2024-46887 was published Oct 8, 2024
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed
CVE-2024-12857 was published Jan 22, 2025
A authentication bypass using an alternate path or channel in Fortinet FortiClientWindows version... High Unreviewed
CVE-2024-47574 was published Nov 13, 2024
Authentication Bypass vulnerability in Hitachi Ops Center Common Services.This issue affects... High Unreviewed
CVE-2024-7125 was published Aug 27, 2024
Even if the authentication fails for local service authentication, the requested command could... Critical Unreviewed
CVE-2022-46732 was published Jan 18, 2023
An authentication bypass in the admin web console of Ivanti CSA before 5.0.3 allows a remote... Critical Unreviewed
CVE-2024-11639 was published Dec 10, 2024
An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... Critical Unreviewed
CVE-2024-55591 was published Jan 14, 2025
NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed
CVE-2024-12847 was published Jan 10, 2025
The Themes Coder – Create Android & iOS Apps For Your Woocommerce Site plugin for WordPress is... Critical Unreviewed
CVE-2024-12402 was published Jan 7, 2025
Authentication Bypass Using an Alternate Path or Channel vulnerability in VibeThemes WPLMS allows... Critical Unreviewed
CVE-2024-56044 was published Dec 31, 2024
IBM i 7.3, 7.4, and 7.5 is vulnerable to bypassing Navigator for i interface restrictions. By... Moderate Unreviewed
CVE-2024-51464 was published Dec 21, 2024
The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to,... Critical Unreviewed
CVE-2024-11349 was published Dec 21, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database