GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,903

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

171 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed

CVE-2025-13539 was published Nov 27, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in ABB ABB Ability... Critical Unreviewed

CVE-2025-10571 was published Nov 20, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed

CVE-2024-12847 was published Jan 10, 2025

The Itel DAB MUX (IDMUX build c041640a) is vulnerable to Authentication Bypass due to improper... Critical Unreviewed

CVE-2025-63217 was published Nov 19, 2025

An Authentication Bypass issue in CentralSquare Community Development 19.5.7 allows attackers to... Critical Unreviewed

CVE-2025-64281 was published Nov 12, 2025

Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search &... Critical Unreviewed

CVE-2025-62064 was published Nov 6, 2025

An authentication bypass vulnerability has been identified in certain DSL series routers, may... Critical Unreviewed

CVE-2025-59367 was published Nov 13, 2025

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the... Critical Unreviewed

CVE-2025-2747 was published Mar 24, 2025

An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the... Critical Unreviewed

CVE-2025-2746 was published Mar 24, 2025

"sessionlist.html" and "sys_trayentryreboot.html" are accessible with no authentication. ... Critical Unreviewed

CVE-2024-33610 was published Nov 26, 2024

An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda... Critical Unreviewed

CVE-2025-27129 was published Aug 20, 2025

The Noo JobMonster theme for WordPress is vulnerable to Authentication Bypass in all versions up... Critical Unreviewed

CVE-2025-5397 was published Oct 31, 2025

An unauthenticated user can connect to a publicly accessible database using arbitrary credentials... Critical Unreviewed

CVE-2025-9313 was published Oct 28, 2025

An Authentication Bypass Using an Alternate Path or Channel vulnerability [CWE-288] affecting... Critical Unreviewed

CVE-2024-55591 was published Jan 14, 2025

In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions... Critical Unreviewed

CVE-2024-27198 was published Mar 4, 2024

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server... Critical Unreviewed

CVE-2023-42793 was published Sep 19, 2023

Undisclosed requests may bypass configuration utility authentication, allowing an attacker with... Critical Unreviewed

CVE-2023-46747 was published Oct 26, 2023

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA)... Critical Unreviewed

CVE-2023-20269 was published Sep 6, 2023

The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote... Critical Unreviewed

CVE-2020-10148 was published May 24, 2022

The affected Raisecom devices allow SSH sessions to be established without completing user... Critical Unreviewed

CVE-2025-11534 was published Oct 21, 2025

The OwnID Passwordless Login plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed

CVE-2025-10294 was published Oct 15, 2025

The Orion SMS OTP Verification plugin for WordPress is vulnerable to privilege escalation via... Critical Unreviewed

CVE-2025-9967 was published Oct 15, 2025

The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication... Critical Unreviewed

CVE-2025-11522 was published Oct 9, 2025

The Spirit Framework plugin for WordPress is vulnerable to authentication bypass in all versions... Critical Unreviewed

CVE-2025-6388 was published Oct 3, 2025

anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and... Critical Unreviewed

CVE-2024-7314 was published Aug 2, 2024

Previous1…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

171 advisories