Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,779
Erlang
36
GitHub Actions
29
Go
2,338
Maven
5,000+
npm
3,972
NuGet
714
pip
3,769
Pub
12
RubyGems
923
Rust
976
Swift
38
Unreviewed advisories
All unreviewed
5,000+

76 advisories

Loading
OpenStack Neutron Improper Authentication vulnerability Moderate
CVE-2014-0056 was published for neutron (pip) May 17, 2022
OpenStack Keystone Improper Authentication vulnerability High
CVE-2012-4456 was published for keystone (pip) May 14, 2022
Lin CMS vulnerable to Improper Authentication Moderate
CVE-2022-44244 was published for Lin-CMS (Maven) Nov 10, 2022
aruneko richardfan0606
Shinken Solutions Shinken Monitoring vulnerable to Incorrect Access Control Critical
CVE-2022-37298 was published for Shinken (pip) Oct 20, 2022
When matrix-nio receives forwarded room keys, the receiver doesn't check if it requested the key from the forwarder High
CVE-2022-39254 was published for matrix-nio (pip) Sep 30, 2022
Zope DTML implementation Improper Authentication High
CVE-2000-0062 was published for zope (pip) Apr 30, 2022
Zope does not properly perform security registration for legacy names High
CVE-2000-1211 was published for zope (pip) Apr 30, 2022
Zope DocumentTemplate package allows unauthenticated write Moderate
CVE-2000-0483 was published for zope (pip) May 3, 2022
asyncua Improper Authentication vulnerability High
CVE-2023-26150 was published for asyncua (pip) Oct 3, 2023
Sentry vulnerable to incorrect credential validation on OAuth token requests Moderate
CVE-2023-39531 was published for sentry (pip) Aug 9, 2023
EricHasegawa
OpenStack Keystone Token authorization for a user in a disabled tenant is allowed Moderate
CVE-2012-4457 was published for Keystone (pip) May 14, 2022
OctoPrint Unverified Password Change via Access Control Settings Moderate
CVE-2024-23637 was published for OctoPrint (pip) Jan 31, 2024
tkruppert
Flask-AppBuilder vulnerable to incorrect authentication when using auth type OpenID Critical
CVE-2024-25128 was published for Flask-AppBuilder (pip) Feb 28, 2024
parantheses dpgaspar
OpenStack Octavia Amphora-Agent not requiring Client-Certificate Critical
CVE-2019-17134 was published for octavia (pip) May 24, 2022
OpenStack Keystone allows context-dependent attackers to bypass access restrictions Moderate
CVE-2013-0282 was published for Keystone (pip) May 5, 2022
jupyter-scheduler's endpoint is missing authentication Moderate
CVE-2024-28188 was published for jupyter-scheduler (pip) May 23, 2024
krassowski Carreau
andrii-i dlqqq yuvipanda
VNCAuthProxy authentication bypass vulnerability Critical
CVE-2022-36436 was published for vncauthproxy (pip) Sep 16, 2022
LDAP authentication bypass with empty password Critical
CVE-2020-26214 was published for alerta-server (pip) Nov 6, 2020
CasperGN
AsyncSSH SSH Server Authentication Bypass Critical
CVE-2018-7749 was published for AsyncSSH (pip) May 14, 2022
Authentication bypass in Apache Airflow Critical
CVE-2020-13927 was published for apache-airflow (pip) Apr 30, 2021
sunSUNQ
Apache IoTDB Grafana Connector vulnerable to Improper Authentication Critical
CVE-2023-24831 was published for apache-iotdb (Maven) Apr 17, 2023
Improper Authentication in Apache Airflow Moderate
CVE-2021-26697 was published for apache-airflow (pip) Jun 18, 2021
sunSUNQ
botframework-connector vulnerable to Improper Authentication High
GHSA-cqff-fx2x-p86v was published for botframework-connector (pip) Mar 8, 2021
Improper Authentication in Buildbot Critical
CVE-2019-12300 was published for buildbot (pip) May 29, 2019
Improper Authentication in django-mfa3 High
CVE-2022-24857 was published for django-mfa3 (pip) Apr 22, 2022
stefanw
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database