Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication... High Unreviewed
CVE-2023-38030 was published Aug 28, 2023
Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An... Critical Unreviewed
CVE-2023-38028 was published Aug 28, 2023
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the... High Unreviewed
CVE-2023-38422 was published Aug 24, 2023
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX... Moderate Unreviewed
CVE-2023-36846 was published Aug 17, 2023
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX... Moderate Unreviewed
CVE-2023-36847 was published Aug 17, 2023
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication High Unreviewed
CVE-2023-4334 was published Aug 15, 2023
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any... High Unreviewed
CVE-2023-4335 was published Aug 15, 2023
Permission control vulnerability in the audio module. Successful exploitation of this... High Unreviewed
CVE-2023-39380 was published Aug 13, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected... High Unreviewed
CVE-2023-37373 was published Aug 8, 2023
SAP Supplier Relationship Management -versions 600, 602, 603, 604, 605, 606, 616, 617, allows an... Moderate Unreviewed
CVE-2023-39436 was published Aug 8, 2023
SAP PowerDesigner - version 16.7, has improper access control which might allow an... Critical Unreviewed
CVE-2023-37483 was published Aug 8, 2023
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker... Moderate Unreviewed
CVE-2023-36926 was published Aug 8, 2023
The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for... Moderate Unreviewed
CVE-2023-38523 was published Jul 20, 2023
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed
CVE-2023-22047 was published Jul 18, 2023
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11... Critical Unreviewed
CVE-2023-36669 was published Jul 18, 2023
CasaOS Gateway vulnerable to incorrect identification of source IP addresses Critical
CVE-2023-37265 was published for github.com/IceWhaleTech/CasaOS-Gateway (Go) Jul 17, 2023
thomas-chauchefoin-sonarsource
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows... High Unreviewed
CVE-2023-38379 was published Jul 16, 2023
SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7... High Unreviewed
CVE-2023-35874 was published Jul 11, 2023
The Message Display Tool (MDT) of SAP NetWeaver Process Integration - version SAP_XIAF 7.50, does... Moderate Unreviewed
CVE-2023-35872 was published Jul 11, 2023
The Runtime Workbench (RWB) of SAP NetWeaver Process Integration - version SAP_XITOOL 7.50, does... Moderate Unreviewed
CVE-2023-35873 was published Jul 11, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to... Critical Unreviewed
CVE-2023-34335 was published Jul 6, 2023
Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows... High Unreviewed
CVE-2022-4240 was published Jul 6, 2023
In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an... Critical Unreviewed
CVE-2023-30744 was published Jul 6, 2023
Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP... High Unreviewed
CVE-2023-27267 was published Jul 6, 2023
In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an... Moderate Unreviewed
CVE-2023-28761 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database