GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
230 advisories
A missing authentication check in the WebSocket channel used for the Check Point IoT integration...
Moderate | Unreviewed | CVE-2023-5253 was published Jan 15, 2024

An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions...
Moderate | Unreviewed | CVE-2023-51062 was published Jan 13, 2024

NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication...
Moderate | Unreviewed | CVE-2023-31033 was published Jan 12, 2024

Microsoft Bluetooth Driver Spoofing Vulnerability
Moderate | Unreviewed | CVE-2024-21306 was published Jan 9, 2024

In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an...
Moderate | Unreviewed | CVE-2023-6368 was published Dec 14, 2023

The FACSChorus workstation operating system does not restrict what devices can interact with its...
Moderate | Unreviewed | CVE-2023-29060 was published Nov 28, 2023

There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to...
Moderate | Unreviewed | CVE-2023-29061 was published Nov 28, 2023

Lack of authentication vulnerability. An unauthenticated local user is able to see through the...
Moderate | Unreviewed | CVE-2023-3104 was published Nov 22, 2023

A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of...
Moderate | Unreviewed | CVE-2023-46096 was published Nov 14, 2023

Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin....
Moderate | Unreviewed | CVE-2023-46819 was published Nov 10, 2023

An authentication issue was addressed with improved state management. This issue is fixed in...
Moderate | Unreviewed | CVE-2023-42845 was published Oct 25, 2023

PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring...
Moderate | Unreviewed | CVE-2023-39231 was published Oct 25, 2023

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3...
Moderate | Unreviewed | CVE-2023-27261 was published Oct 25, 2023

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and...
Moderate | Unreviewed | CVE-2023-27256 was published Oct 25, 2023

Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows...
Moderate | Unreviewed | CVE-2023-26579 was published Oct 25, 2023

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable...
Moderate | Unreviewed | CVE-2023-4505 was published Sep 27, 2023

The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP...
Moderate | Unreviewed | CVE-2023-4506 was published Sep 27, 2023

Sensitive information disclosure and manipulation due to improper authentication. The following...
Moderate | Unreviewed | CVE-2023-44152 was published Sep 27, 2023

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX...
Moderate | Unreviewed | CVE-2023-36851 was published Sep 27, 2023

Due to missing authentication check in webdynpro application, an unauthorized user in SAP...
Moderate | Unreviewed | CVE-2023-41367 was published Sep 13, 2023

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX...
Moderate | Unreviewed | CVE-2023-36847 was published Aug 17, 2023

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX...
Moderate | Unreviewed | CVE-2023-36846 was published Aug 17, 2023

SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an...
Moderate | Unreviewed | CVE-2023-39436 was published Aug 8, 2023

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker...
Moderate | Unreviewed | CVE-2023-36926 was published Aug 8, 2023

The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for...
Moderate | Unreviewed | CVE-2023-38523 was published Jul 20, 2023
ProTip! Advisories are also available from the GraphQL API.