GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,164 advisories
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server...
Moderate | Unreviewed | CVE-2023-27983 was published Mar 21, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server...
High | Unreviewed | CVE-2023-27980 was published Mar 21, 2023

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An...
Critical | Unreviewed | CVE-2023-28461 was published Mar 16, 2023

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791,...
Moderate | Unreviewed | CVE-2023-25615 was published Mar 14, 2023

SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any...
Moderate | Unreviewed | CVE-2023-24526 was published Mar 14, 2023

The Akuvox E11 web server can be accessed without any user authentication, and this could allow...
Critical | Unreviewed | CVE-2023-0354 was published Mar 13, 2023

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the...
High | Unreviewed | CVE-2023-27532 was published Mar 11, 2023

Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241...
Critical | Unreviewed | CVE-2023-27290 was published Mar 4, 2023

An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows...
Critical | Unreviewed | CVE-2022-45551 was published Mar 3, 2023

VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with...
Moderate | Unreviewed | CVE-2023-20857 was published Feb 28, 2023

The configuration backend of the web-based management can be used by unauthenticated users,...
Critical | Unreviewed | CVE-2022-45138 was published Feb 27, 2023

The configuration backend allows an unauthenticated user to write arbitrary data with root...
Critical | Unreviewed | CVE-2022-45140 was published Feb 27, 2023

An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses...
High | Unreviewed | CVE-2022-34908 was published Feb 27, 2023

Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05...
Critical | Unreviewed | CVE-2023-23453 was published Feb 21, 2023

Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05...
Critical | Unreviewed | CVE-2023-23452 was published Feb 21, 2023

Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password...
High | Unreviewed | CVE-2022-44216 was published Feb 20, 2023

Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0.
Low | Unreviewed | CVE-2023-0919 was published Feb 19, 2023

A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1...
Critical | Unreviewed | CVE-2023-0906 was published Feb 18, 2023

TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5...
High | Unreviewed | CVE-2022-47703 was published Feb 17, 2023

Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the...
Moderate | Unreviewed | CVE-2022-27891 was published Feb 16, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its...
Critical | Unreviewed | CVE-2023-0102 was published Feb 15, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create...
Critical | Unreviewed | CVE-2023-22804 was published Feb 15, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform...
High | Unreviewed | CVE-2023-22803 was published Feb 15, 2023

The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this...
High | Unreviewed | CVE-2022-48299 was published Feb 9, 2023

The bundle management module lacks authentication and control mechanisms in some APIs. Successful...
High | Unreviewed | CVE-2022-48288 was published Feb 9, 2023

ProTip! Advisories are also available from the GraphQL API.