GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
326 advisories
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to...
High | Unreviewed | CVE-2023-43045 was published Oct 23, 2023
Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality...
High | Unreviewed | CVE-2023-22087 was published Oct 18, 2023
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored...
High | Unreviewed | CVE-2023-4884 was published Oct 3, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update...
High | Unreviewed | CVE-2023-4516 was published Sep 14, 2023
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions...
High | Unreviewed | CVE-2023-39981 was published Sep 2, 2023
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering...
High | Unreviewed | CVE-2023-34392 was published Aug 31, 2023
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external...
High | Unreviewed | CVE-2023-40598 was published Aug 30, 2023
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication...
High | Unreviewed | CVE-2023-38030 was published Aug 28, 2023
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the...
High | Unreviewed | CVE-2023-38422 was published Aug 24, 2023
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any...
High | Unreviewed | CVE-2023-4335 was published Aug 15, 2023
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
High | Unreviewed | CVE-2023-4334 was published Aug 15, 2023
Permission control vulnerability in the audio module. Successful exploitation of this...
High | Unreviewed | CVE-2023-39380 was published Aug 13, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected...
High | Unreviewed | CVE-2023-37373 was published Aug 8, 2023
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:...
High | Unreviewed | CVE-2023-22047 was published Jul 18, 2023
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows...
High | Unreviewed | CVE-2023-38379 was published Jul 16, 2023
SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7...
High | Unreviewed | CVE-2023-35874 was published Jul 11, 2023
Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows...
High | Unreviewed | CVE-2022-4240 was published Jul 6, 2023
Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP...
High | Unreviewed | CVE-2023-27267 was published Jul 6, 2023
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac...
High | Unreviewed | CVE-2023-0052 was published Jul 6, 2023
Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the...
High | Unreviewed | CVE-2022-2474 was published Jul 6, 2023
Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1...
High | Unreviewed | CVE-2023-30643 was published Jul 6, 2023
Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default,...
High | Unreviewed | CVE-2023-22906 was published Jul 4, 2023
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows...
High | Unreviewed | CVE-2023-36347 was published Jun 30, 2023
Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated...
High | Unreviewed | CVE-2023-31196 was published Jun 13, 2023
The reminder module lacks an authentication mechanism for broadcasts received. Successful...
High | Unreviewed | CVE-2023-0116 was published May 26, 2023
ProTip! Advisories are also available from the GraphQL API.