Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
Apollo has potential access control security issue in eureka High
CVE-2023-25570 was published for com.ctrip.framework.apollo:apollo (Maven) Feb 22, 2023
Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05... Critical Unreviewed
CVE-2023-23453 was published Feb 21, 2023
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05... Critical Unreviewed
CVE-2023-23452 was published Feb 21, 2023
Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password... High Unreviewed
CVE-2022-44216 was published Feb 20, 2023
Missing Authentication for Critical Function in GitHub repository kareadita/kavita prior to 0.7.0. Low Unreviewed
CVE-2023-0919 was published Feb 19, 2023
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1... Critical Unreviewed
CVE-2023-0906 was published Feb 18, 2023
TIANJIE CPE906-3 is vulnerable to password disclosure. This is present on Software Version WEB5... High Unreviewed
CVE-2022-47703 was published Feb 17, 2023
Palantir Gotham included an unauthenticated endpoint that listed all active usernames on the... Moderate Unreviewed
CVE-2022-27891 was published Feb 16, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its... Critical Unreviewed
CVE-2023-0102 was published Feb 15, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create... Critical Unreviewed
CVE-2023-22804 was published Feb 15, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform... High Unreviewed
CVE-2023-22803 was published Feb 15, 2023
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this... High Unreviewed
CVE-2022-48299 was published Feb 9, 2023
The bundle management module lacks authentication and control mechanisms in some APIs. Successful... High Unreviewed
CVE-2022-48288 was published Feb 9, 2023
The bundle management module lacks authentication and control mechanisms in some APIs. Successful... High Unreviewed
CVE-2022-48289 was published Feb 9, 2023
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this... High Unreviewed
CVE-2022-48300 was published Feb 9, 2023
Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07... High Unreviewed
CVE-2022-43761 was published Feb 8, 2023
An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio range can... Moderate Unreviewed
CVE-2022-45190 was published Feb 8, 2023
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative... High Unreviewed
CVE-2022-24990 was published Feb 7, 2023
Because the web management interface for Unified Intents' Unified Remote solution does not itself... Critical Unreviewed
CVE-2022-3229 was published Feb 7, 2023
Incorrect Access Control vulnerability in Modern Honey Network commit... Moderate Unreviewed
CVE-2021-37234 was published Feb 3, 2023
Broken Access Control in 3rd party TYPO3 extension "femanager" High
CVE-2023-25014 was published for in2code/femanager (Composer) Feb 2, 2023
ohader
Broken Access Control in 3rd party TYPO3 extension "femanager" High
CVE-2023-25013 was published for in2code/femanager (Composer) Feb 2, 2023
ohader
A CWE-306: Missing Authentication for Critical Function The software does not perform any... Critical Unreviewed
CVE-2022-42970 was published Feb 1, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2022-32528 was published Jan 31, 2023
The force offline MFA prompt setting is not respected when switching to offline mode in... Low Unreviewed
CVE-2023-0463 was published Jan 26, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database