GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,423 advisories
Netwrix Usercube before 6.0.215, in certain misconfigured on-premises installations, allows...
Critical
Unreviewed
CVE-2023-41264 was published Nov 28, 2023
[PROBLEMTYPE] in [COMPONENT] in [VENDOR] [PRODUCT] [VERSION] on [PLATFORMS] allows [ATTACKER] to ...
Critical
Unreviewed
CVE-2023-6329 was published Nov 27, 2023
An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote...
High
Unreviewed
CVE-2023-41999 was published Nov 27, 2023
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can...
High
Unreviewed
CVE-2023-4677 was published Nov 23, 2023
The UserPro plugin for WordPress is vulnerable to authentication bypass in versions up to, and...
Critical
Unreviewed
CVE-2023-2437 was published Nov 22, 2023
An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify,...
Critical
Unreviewed
CVE-2023-49105 was published Nov 22, 2023
Versions of INEA ME RTU firmware 3.36b and prior do not require authentication to the "root"...
Critical
Unreviewed
CVE-2023-29155 was published Nov 20, 2023
Adobe FrameMaker versions 2022 and earlier are affected by an Improper Authentication...
Critical
Unreviewed
CVE-2023-44324 was published Nov 17, 2023
An issue in Kloudq Technologies Limited Tor Equip 1.0, Tor Loco Mini 1.0 through 3.1 allows a...
Critical
Unreviewed
CVE-2023-41442 was published Nov 16, 2023
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical...
Moderate
Unreviewed
CVE-2023-42554 was published Nov 15, 2023
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation...
Moderate
Unreviewed
CVE-2023-43582 was published Nov 15, 2023
Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader...
Moderate
Unreviewed
CVE-2023-32661 was published Nov 14, 2023
Improper authentication for some Intel Unison software may allow an authenticated user to...
Moderate
Unreviewed
CVE-2023-22663 was published Nov 14, 2023
Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software...
Moderate
Unreviewed
CVE-2023-28377 was published Nov 14, 2023
Memory Corruption in Core due to secure memory access by user while loading modem image.
High
Unreviewed
CVE-2023-24852 was published Nov 14, 2023
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows...
Critical
Unreviewed
CVE-2023-42531 was published Nov 13, 2023
An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any...
High
Unreviewed
CVE-2023-29975 was published Nov 10, 2023
Improper Authentication vulnerability in Apereo CAS in jakarta.servlet.http.HttpServletRequest...
Critical
Unreviewed
CVE-2023-4612 was published Nov 9, 2023
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate
Unreviewed
CVE-2023-40660 was published Nov 6, 2023
An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5...
Moderate
Unreviewed
CVE-2023-46963 was published Nov 5, 2023
A locally authenticated attacker with low privileges can bypass authentication due to insecure...
High
Unreviewed
CVE-2022-44569 was published Nov 3, 2023
RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers...
Moderate
Unreviewed
CVE-2023-26455 was published Nov 2, 2023
Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox...
Moderate
Unreviewed
CVE-2023-46327 was published Nov 2, 2023
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism...
High
Unreviewed
CVE-2023-5627 was published Nov 1, 2023
In SEPolicy, there is a possible way to access the factory MAC address due to a permissions...
Moderate
Unreviewed
CVE-2023-21297 was published Oct 30, 2023
ProTip! Advisories are also available from the GraphQL API.