Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
Talend Data Catalog remote harvesting server before 8.0-20230413 contains a /upgrade endpoint... High Unreviewed
CVE-2023-33247 was published May 26, 2023
The reminder module lacks an authentication mechanism for broadcasts received. Successful... High Unreviewed
CVE-2023-0116 was published May 26, 2023
The hwPartsDFR module has a vulnerability in API calling verification. Successful exploitation of... High Unreviewed
CVE-2023-31227 was published May 26, 2023
IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP... High Unreviewed
CVE-2023-31594 was published May 25, 2023
Missing Authentication for critical function vulnerability in HYPR Server allows Authentication... High Unreviewed
CVE-2023-1837 was published May 23, 2023
Missing authentication for critical function exists in T&D Corporation and ESPEC MIC CORP. data... Moderate Unreviewed
CVE-2023-23545 was published May 23, 2023
The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed
CVE-2023-2704 was published May 19, 2023
A vulnerability in the social login configuration option for the guest users of Cisco Business... Moderate Unreviewed
CVE-2023-20003 was published May 18, 2023
SnapCenter versions 4.7 prior to 4.7P2 and 4.8 prior to 4.8P1 are susceptible to a vulnerability... Critical Unreviewed
CVE-2023-1096 was published May 12, 2023
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with... High Unreviewed
CVE-2023-23444 was published May 12, 2023
Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which... High Unreviewed
CVE-2023-22441 was published May 10, 2023
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0... High Unreviewed
CVE-2023-23906 was published May 10, 2023
Mage-ai missing user authentication High
CVE-2023-31143 was published for mage-ai (pip) May 5, 2023
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could... Critical Unreviewed
CVE-2023-20126 was published May 4, 2023
In Talend Studio before 7.3.1-R2022-10 and 8.x before 8.0.1-R2022-09, microservices allow... High Unreviewed
CVE-2023-31444 was published Apr 28, 2023
Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote... Critical Unreviewed
CVE-2023-28697 was published Apr 27, 2023
PingID Desktop prior to the latest released version 1.7.4 contains a vulnerability that can be... Moderate Unreviewed
CVE-2022-40725 was published Apr 25, 2023
A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4... Critical Unreviewed
CVE-2023-2231 was published Apr 21, 2023
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1... Critical Unreviewed
CVE-2023-23451 was published Apr 20, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2023-21979 was published Apr 18, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... High Unreviewed
CVE-2023-29413 was published Apr 18, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow... Critical Unreviewed
CVE-2023-29411 was published Apr 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2023-21931 was published Apr 18, 2023
An issue was discovered in DG3450 Cable Gateway AR01.02.056.18_041520_711.NCS.10. The... Moderate Unreviewed
CVE-2023-27571 was published Apr 15, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This... High Unreviewed
CVE-2023-27747 was published Apr 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database