GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
231 advisories
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for...
Moderate | Unreviewed | CVE-2023-38523 was published Jul 20, 2023

The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does...
Moderate | Unreviewed | CVE-2023-35872 was published Jul 11, 2023

The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does...
Moderate | Unreviewed | CVE-2023-35873 was published Jul 11, 2023

In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an...
Moderate | Unreviewed | CVE-2023-28761 was published Jul 6, 2023

An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message...
Moderate | Unreviewed | CVE-2023-34761 was published Jun 28, 2023

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital...
Moderate | Unreviewed | CVE-2023-2827 was published Jun 13, 2023

On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can...
Moderate | Unreviewed | CVE-2023-2187 was published Jun 7, 2023

It is identified a vulnerability of insufficient authentication in an important specific function...
Moderate | Unreviewed | CVE-2023-25780 was published Jun 2, 2023

Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass...
Moderate | Unreviewed | CVE-2022-36249 was published May 30, 2023

Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data...
Moderate | Unreviewed | CVE-2023-23545 was published May 23, 2023

A vulnerability in the social login configuration option for the guest users of Cisco Business...
Moderate | Unreviewed | CVE-2023-20003 was published May 18, 2023

PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be...
Moderate | Unreviewed | CVE-2022-40725 was published Apr 25, 2023

An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The...
Moderate | Unreviewed | CVE-2023-27571 was published Apr 15, 2023

SAP NetWeaver AS Java for Deploy Service - version 7.5, does not perform any access control...
Moderate | Unreviewed | CVE-2023-24527 was published Apr 11, 2023

The Bluetooth module has an authentication bypass vulnerability in the pairing process....
Moderate | Unreviewed | CVE-2022-48291 was published Mar 28, 2023

In Couchbase Server 5 through 7 before 7.1.4, the nsstats endpoint is accessible without...
Moderate | Unreviewed | CVE-2023-28470 was published Mar 23, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server...
Moderate | Unreviewed | CVE-2023-27983 was published Mar 21, 2023

SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any...
Moderate | Unreviewed | CVE-2023-24526 was published Mar 14, 2023

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791,...
Moderate | Unreviewed | CVE-2023-25615 was published Mar 14, 2023

VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with...
Moderate | Unreviewed | CVE-2023-20857 was published Feb 28, 2023

Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the...
Moderate | Unreviewed | CVE-2022-27891 was published Feb 16, 2023

The vulnerability allows a remote unauthenticated attacker to download a backup file, if one...
Moderate | Unreviewed | CVE-2022-3738 was published Jan 19, 2023

Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where...
Moderate | Unreviewed | CVE-2022-3188 was published Dec 22, 2022

ZKTeco BioTime 8.5.4 is missing authentication on folders containing employee photos, allowing an...
Moderate | Unreviewed | CVE-2022-30515 was published Nov 9, 2022

Fedora CoreOS supports setting a GRUB bootloader password using a Butane config. When this...
Moderate | Unreviewed | CVE-2022-3675 was published Nov 3, 2022

ProTip! Advisories are also available from the GraphQL API.