GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,870
Erlang: 37
GitHub Actions: 36
Go: 2,500
Maven: 5,000+
npm: 4,147
NuGet: 735
pip: 3,948
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,422 advisories
Authorization vulnerability in the BootLoader module. Successful exploitation of this...
High | Unreviewed | CVE-2023-52111 was published Jan 16, 2024

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti...
High | Unreviewed | CVE-2023-46805 was published Jan 12, 2024

The authentication mechanism can be bypassed by overflowing the value of the Cookie ...
Critical | Unreviewed | CVE-2023-49262 was published Jan 12, 2024

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication...
Critical | Unreviewed | CVE-2023-50919 was published Jan 12, 2024

Hozard alarm system (Alarmsysteem) v1.0 is vulnerable to Improper Authentication. Commands sent...
Moderate | Unreviewed | CVE-2023-50127 was published Jan 11, 2024

The vulnerability allows a remote attacker to access sensitive data inside exported packages or...
High | Unreviewed | CVE-2023-48257 was published Jan 10, 2024

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS...
High | Unreviewed | CVE-2022-48618 was published Jan 9, 2024

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service....
High | Unreviewed | CVE-2023-5376 was published Jan 9, 2024

Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full...
Critical | Unreviewed | CVE-2023-51717 was published Jan 9, 2024

A vulnerability was found in OneNav up to 0.9.33. It has been classified as critical. This...
High | Unreviewed | CVE-2023-7210 was published Jan 7, 2024

A vulnerability was found in Uniway Router 2.0. It has been declared as critical. This...
Moderate | Unreviewed | CVE-2023-7211 was published Jan 7, 2024

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan-2024 Release...
Moderate | Unreviewed | CVE-2024-20803 was published Jan 4, 2024

An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows...
Moderate | Unreviewed | CVE-2023-31292 was published Dec 29, 2023

Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to...
High | Unreviewed | CVE-2023-40038 was published Dec 27, 2023

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password...
Moderate | Unreviewed | CVE-2023-4641 was published Dec 27, 2023

The Quiz Maker WordPress plugin before 6.4.9.5 does not adequately authorize the ...
Moderate | Unreviewed | CVE-2023-6155 was published Dec 26, 2023

An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value...
Critical | Unreviewed | CVE-2022-34267 was published Dec 25, 2023

There is broken access control during authentication in Jamf Pro Server before 10.46.1.
Critical | Unreviewed | CVE-2023-31224 was published Dec 25, 2023

The vulnerability exists in ADiTaaS (Allied Digital Integrated Tool-as-a-Service) version 5.1 due...
Critical | Unreviewed | CVE-2023-6483 was published Dec 22, 2023

Bentley eB System Management Console applications within Assetwise Integrity Information Server...
High | Unreviewed | CVE-2023-51708 was published Dec 22, 2023

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed...
High | Unreviewed | CVE-2023-6847 was published Dec 21, 2023

A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as...
Critical | Unreviewed | CVE-2023-6907 was published Dec 20, 2023

Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This...
Critical | Unreviewed | CVE-2023-6768 was published Dec 20, 2023

Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated...
Moderate | Unreviewed | CVE-2023-49646 was published Dec 14, 2023

** UNSUPPORTED WHEN ASSIGNED ** An improper authentication vulnerability [CWE-287] in Fortinet...
High | Unreviewed | CVE-2023-44252 was published Dec 13, 2023

ProTip! Advisories are also available from the GraphQL API.