Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,164 advisories

Loading
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
A remote unprivileged attacker can modify and access configuration settings on the EventCam App... Critical Unreviewed
CVE-2023-31411 was published Jun 19, 2023
FINS (Factory Interface Network Service) is a message communication protocol, which is designed... Critical Unreviewed
CVE-2023-27396 was published Jun 19, 2023
Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated... High Unreviewed
CVE-2023-31196 was published Jun 13, 2023
Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this... Critical Unreviewed
CVE-2023-30762 was published Jun 13, 2023
SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital... Moderate Unreviewed
CVE-2023-2827 was published Jun 13, 2023
An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed
CVE-2023-33553 was published Jun 7, 2023
On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can... Moderate Unreviewed
CVE-2023-2187 was published Jun 7, 2023
The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2020-36724 was published Jun 7, 2023
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed
CVE-2020-36713 was published Jun 7, 2023
The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed
CVE-2023-2781 was published Jun 3, 2023
It is identified a vulnerability of insufficient authentication in the system configuration... Critical Unreviewed
CVE-2023-30604 was published Jun 2, 2023
It is identified a vulnerability of insufficient authentication in an important specific function... Moderate Unreviewed
CVE-2023-25780 was published Jun 2, 2023
Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass... Moderate Unreviewed
CVE-2022-36249 was published May 30, 2023
Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint... High Unreviewed
CVE-2023-33247 was published May 26, 2023
The reminder module lacks an authentication mechanism for broadcasts received. Successful... High Unreviewed
CVE-2023-0116 was published May 26, 2023
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of... High Unreviewed
CVE-2023-31227 was published May 26, 2023
IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP... High Unreviewed
CVE-2023-31594 was published May 25, 2023
Missing Authentication for critical function vulnerability in HYPR Server allows Authentication... High Unreviewed
CVE-2023-1837 was published May 23, 2023
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data... Moderate Unreviewed
CVE-2023-23545 was published May 23, 2023
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed
CVE-2023-2704 was published May 19, 2023
A vulnerability in the social login configuration option for the guest users of Cisco Business... Moderate Unreviewed
CVE-2023-20003 was published May 18, 2023
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability... Critical Unreviewed
CVE-2023-1096 was published May 12, 2023
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with... High Unreviewed
CVE-2023-23444 was published May 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database