Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,245 advisories

Loading
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions)... High Unreviewed
CVE-2022-45794 was published Jan 11, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2023-40393 was published Jan 11, 2024
Microsoft Bluetooth Driver Spoofing Vulnerability Moderate Unreviewed
CVE-2024-21306 was published Jan 9, 2024
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect ... High Unreviewed
CVE-2023-5881 was published Jan 3, 2024
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and... Critical Unreviewed
CVE-2023-29485 was published Dec 21, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an... High Unreviewed
CVE-2023-6595 was published Dec 14, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an... Moderate Unreviewed
CVE-2023-6368 was published Dec 14, 2023
Unauthenticated db-file-storage views Low
CVE-2023-50263 was published for nautobot (pip) Dec 13, 2023
Kircheneer
An authentication bypass vulnerability has been found in Repox, which allows a remote user to... Critical Unreviewed
CVE-2023-6718 was published Dec 13, 2023
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An... High Unreviewed
CVE-2023-32460 was published Dec 8, 2023
NETGEAR ProSAFE Network Management System has Java Debug Wire Protocol (JDWP) listening on port... Critical Unreviewed
CVE-2023-49693 was published Nov 30, 2023
The FACSChorus workstation does not prevent physical access to its PCI express (PCIe) slots,... Low Unreviewed
CVE-2023-29063 was published Nov 28, 2023
The FACSChorus workstation operating system does not restrict what devices can interact with its... Moderate Unreviewed
CVE-2023-29060 was published Nov 28, 2023
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to... Moderate Unreviewed
CVE-2023-29061 was published Nov 28, 2023
Lack of authentication vulnerability. An unauthenticated local user is able to see through the... Moderate Unreviewed
CVE-2023-3104 was published Nov 22, 2023
Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet... Critical Unreviewed
CVE-2023-42770 was published Nov 21, 2023
Missing authentication for critical function vulnerability in First Corporation's DVRs allows a... Critical Unreviewed
CVE-2023-47674 was published Nov 16, 2023
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware... Critical Unreviewed
CVE-2023-34060 was published Nov 14, 2023
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of... Moderate Unreviewed
CVE-2023-46096 was published Nov 14, 2023
Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin.... Moderate Unreviewed
CVE-2023-46819 was published Nov 10, 2023
Insufficient Verification of Data Authenticity vulnerability in Mitsubishi Electric Corporation... Critical Unreviewed
CVE-2023-4699 was published Nov 6, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46381 was published Nov 5, 2023
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation... High Unreviewed
CVE-2022-43555 was published Nov 3, 2023
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation... High Unreviewed
CVE-2022-43554 was published Nov 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an... Critical Unreviewed
CVE-2023-41351 was published Nov 3, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database