Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,245 advisories

Loading
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function... High Unreviewed
CVE-2023-38123 was published May 3, 2024
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27357 was published May 3, 2024
A missing authentication for critical function vulnerability has been reported to affect... Critical Unreviewed
CVE-2024-32764 was published Apr 26, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
An unauthenticated attacker can reset the board and stop transmitter operations by sending a... Moderate Unreviewed
CVE-2024-21846 was published Apr 19, 2024
The devices allow access to an unprotected endpoint that allows MPFS file system binary image... High Unreviewed
CVE-2024-1491 was published Apr 19, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21007 was published Apr 17, 2024
Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications... Critical Unreviewed
CVE-2024-21014 was published Apr 17, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21006 was published Apr 17, 2024
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an... High Unreviewed
CVE-2023-4857 was published Apr 15, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed
CVE-2024-3701 was published Apr 15, 2024
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed
CVE-2024-3777 was published Apr 15, 2024
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values... Moderate Unreviewed
CVE-2024-3774 was published Apr 15, 2024
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe... Moderate Unreviewed
CVE-2024-30391 was published Apr 12, 2024
Windows Update Stack Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-26235 was published Apr 9, 2024
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in... High Unreviewed
CVE-2024-3281 was published Apr 9, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart... Moderate Unreviewed
CVE-2023-25493 was published Apr 5, 2024
u-boot bug that allows for u-boot shell and interrupt over UART Critical Unreviewed
CVE-2023-48426 was published Apr 5, 2024
** DISPUTED ** A Missing Authentication for Critical Function issue affecting the HTTP service... Moderate Unreviewed
CVE-2023-6949 was published Apr 2, 2024
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service... High Unreviewed
CVE-2023-51571 was published Apr 2, 2024
Improper access control in PAM vault permissions in Devolutions Server 2024.1.6 and earlier... Critical Unreviewed
CVE-2024-2921 was published Mar 26, 2024
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue... Moderate Unreviewed
CVE-2022-38057 was published Mar 25, 2024
Jupyter Server Proxy's Websocket Proxying does not require authentication Critical
CVE-2024-28179 was published for jupyter-server-proxy (pip) Mar 20, 2024
yuvipanda consideRatio
manics minrk krassowski dlqqq eddelbuettel
Improper authentication vulnerability in exists in multiple printers and scanners which implement... Moderate Unreviewed
CVE-2024-21824 was published Mar 18, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database