GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,423 advisories
TN-5900 Series firmware version v3.3 and prior is vulnerable to improper-authentication...
High | Unreviewed | CVE-2023-33237 was published Aug 17, 2023

An issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.
Critical | Unreviewed | CVE-2023-39846 was published Aug 17, 2023

Dell BIOS contains an improper authentication vulnerability. A malicious user with physical...
Low | Unreviewed | CVE-2023-32453 was published Aug 16, 2023

An authentication bypass vulnerability in Ivanti EPMM 11.10 and older, allows unauthorized users...
Critical | Unreviewed | CVE-2023-35082 was published Aug 15, 2023

The Dataprobe iBoot PDU running firmware version 1.43.03312023 or earlier is vulnerable to...
High | Unreviewed | CVE-2023-3263 was published Aug 14, 2023

Permission control vulnerability in the audio module. Successful exploitation of this...
High | Unreviewed | CVE-2023-39380 was published Aug 13, 2023

EmpowerID before 7.205.0.1 allows an attacker to bypass an MFA (multi factor authentication)...
Critical | Unreviewed | CVE-2023-40260 was published Aug 11, 2023

Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0,...
Critical | Unreviewed | CVE-2023-40253 was published Aug 11, 2023

PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023...
Low | Unreviewed | CVE-2023-30700 was published Aug 10, 2023

The FULL - Customer plugin for WordPress is vulnerable to Information Disclosure via the /health...
Moderate | Unreviewed | CVE-2023-4242 was published Aug 9, 2023

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks...
High | Unreviewed | CVE-2023-21626 was published Aug 8, 2023

Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker...
Moderate | Unreviewed | CVE-2023-36926 was published Aug 8, 2023

Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default...
Critical | Unreviewed | CVE-2023-32090 was published Aug 7, 2023

ECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel.
Moderate | Unreviewed | CVE-2023-39112 was published Aug 4, 2023

A vulnerability in the request authentication validation for the REST API of Cisco SD-WAN vManage...
Critical | Unreviewed | CVE-2023-20214 was published Aug 4, 2023

An authentication bypass vulnerability exists in Suprema BioStar 2 before 2.9.1, which allows...
High | Unreviewed | CVE-2023-33363 was published Aug 3, 2023

In the Keyfactor EJBCA before 8.0.0, the RA web certificate distribution servlet /ejbca/ra/cert...
High | Unreviewed | CVE-2023-34196 was published Aug 3, 2023

ROC800-Series RTU devices are vulnerable to an authentication bypass, which could allow an...
Critical | Unreviewed | CVE-2023-1935 was published Aug 3, 2023

Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password...
Moderate | Unreviewed | CVE-2023-3470 was published Aug 2, 2023

In PHP Jabbers Time Slots Booking Calendar 3.3, lack of verification when changing an email...
High | Unreviewed | CVE-2023-33563 was published Aug 2, 2023

Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged...
Moderate | Unreviewed | CVE-2023-3622 was published Jul 26, 2023

Authentication bypass vulnerability in Fujitsu network devices Si-R series and SR-M series allows...
High | Unreviewed | CVE-2023-38555 was published Jul 26, 2023

Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core, through 11.10 allows remote...
Critical | Unreviewed | CVE-2023-35078 was published Jul 25, 2023

Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to...
High | Unreviewed | CVE-2023-37362 was published Jul 20, 2023

In GeoVision GV-ADR2701 cameras, an attacker could edit the login response to access the web...
Critical | Unreviewed | CVE-2023-3638 was published Jul 19, 2023

ProTip! Advisories are also available from the GraphQL API.