GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,422 advisories
IBM Storage Scale Container Native Storage Access 5.1.2.1 through 5.1.7.0 could allow an...
High
Unreviewed
CVE-2022-41738
was published
Feb 17, 2024
Publicly known cryptographic machine key in AlayaCare's Procura Portal before 9.0.1.2 allows...
High
Unreviewed
CVE-2023-6451
was published
Feb 16, 2024
Adobe Framemaker versions 2022.1 and earlier are affected by an Improper Authentication...
Critical
Unreviewed
CVE-2024-20738
was published
Feb 15, 2024
CWE-287: Improper Authentication vulnerability exists that could cause unauthorized tampering of...
High
Unreviewed
CVE-2024-0568
was published
Feb 14, 2024
Improper authentication in some Zoom clients may allow a privileged user to conduct a disclosure...
Moderate
Unreviewed
CVE-2024-24698
was published
Feb 14, 2024
Microsoft Exchange Server Elevation of Privilege Vulnerability
Critical
Unreviewed
CVE-2024-21410
was published
Feb 13, 2024
A vulnerability has been identified in Polarion ALM (All versions). The REST API endpoints of...
High
Unreviewed
CVE-2024-23813
was published
Feb 13, 2024
Code-projects Simple School Managment System 1.0 allows Authentication Bypass via the username...
High
Unreviewed
CVE-2024-25313
was published
Feb 9, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with...
High
Unreviewed
CVE-2023-51761
was published
Feb 9, 2024
An issue in Daily Habit Tracker v.1.0 allows a remote attacker to manipulate trackers via the...
Critical
Unreviewed
CVE-2024-24496
was published
Feb 8, 2024
An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature...
Critical
Unreviewed
CVE-2024-22394
was published
Feb 8, 2024
Sensitive data can be extracted from HID iCLASS SE reader configuration cards. This could...
Moderate
Unreviewed
CVE-2024-23806
was published
Feb 7, 2024
An improper authentication vulnerability has been reported to affect several QNAP operating...
Moderate
Unreviewed
CVE-2023-39303
was published
Feb 2, 2024
IBM PowerSC 1.3, 2.0, and 2.1 uses single-factor authentication which can lead to unnecessary...
Moderate
Unreviewed
CVE-2023-50934
was published
Feb 2, 2024
Gessler GmbH WEB-MASTER has a restoration account that uses weak hard coded credentials and if...
Critical
Unreviewed
CVE-2024-1039
was published
Feb 2, 2024
ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers...
Moderate
Unreviewed
CVE-2023-47256
was published
Feb 2, 2024
A vulnerability was found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as...
High
Unreviewed
CVE-2024-1006
was published
Jan 29, 2024
When adding attachments to ticket comments, another user can add attachments as well...
Moderate
Unreviewed
CVE-2024-23792
was published
Jan 29, 2024
A vulnerability classified as critical was found in Sichuan Yougou Technology KuERP up to 1.0.4....
Moderate
Unreviewed
CVE-2024-0988
was published
Jan 29, 2024
An authentication bypass vulnerability exists in the web component of the Motorola MR2600. An...
Critical
Unreviewed
CVE-2024-23629
was published
Jan 26, 2024
An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation...
Critical
Unreviewed
CVE-2024-0822
was published
Jan 25, 2024
Authentication bypass in vector-admin allows a user to register to a vector-admin server while...
Moderate
Unreviewed
CVE-2024-0879
was published
Jan 25, 2024
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.
High
Unreviewed
CVE-2023-50275
was published
Jan 23, 2024
The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS...
Moderate
Unreviewed
CVE-2024-23219
was published
Jan 23, 2024
An authentication issue was addressed with improved state management. This issue is fixed in...
Moderate
Unreviewed
CVE-2023-42935
was published
Jan 23, 2024
ProTip! Advisories are also available from the GraphQL API.