GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,423 advisories
An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed...
Moderate | Unreviewed | CVE-2023-23761 was published Jul 6, 2023

An authentication vulnerability was discovered in Jira Service Management Server and Data Center...
Critical | Unreviewed | CVE-2023-22501 was published Jul 6, 2023

The User Verification WordPress plugin before 1.0.94 was affected by an Auth Bypass security...
Critical | Unreviewed | CVE-2022-4693 was published Jul 6, 2023

It is possible to manipulate the JWT token without the knowledge of the JWT secret and...
Moderate | Unreviewed | CVE-2021-4314 was published Jul 6, 2023

An unauthenticated user can access Identity Manager’s management console specific page URLs....
Moderate | Unreviewed | CVE-2022-25626 was published Jul 6, 2023

The BD BodyGuard™ infusion pumps specified allow for access through the RS-232 (serial) port...
Moderate | Unreviewed | CVE-2022-43557 was published Jul 6, 2023

A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High | Unreviewed | CVE-2022-47209 was published Jul 6, 2023

Improper authentication in Samsung Pass prior to version 4.2.03.1 allows local attacker to access...
Moderate | Unreviewed | CVE-2023-30675 was published Jul 6, 2023

Improper authentication vulnerability in WL-WN531AX2 firmware versions prior to 2023526 allows a...
Moderate | Unreviewed | CVE-2023-32620 was published Jun 30, 2023

D-Link DSL-G256DG version vBZ_1.00.27 web management interface allows authentication bypass via...
Critical | Unreviewed | CVE-2023-32222 was published Jun 28, 2023

A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated,...
Moderate | Unreviewed | CVE-2023-20199 was published Jun 28, 2023

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that...
High | Unreviewed | CVE-2023-32524 was published Jun 27, 2023

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that...
High | Unreviewed | CVE-2023-32523 was published Jun 27, 2023

Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious...
High | Unreviewed | CVE-2023-28073 was published Jun 23, 2023

pam_krb5 authenticates a user by essentially running kinit with the password, getting a ticket...
Critical | Unreviewed | CVE-2023-3326 was published Jun 22, 2023

A vulnerability was found in PuneethReddyHC Online Shopping System Advanced 1.0. It has been...
High | Unreviewed | CVE-2023-3337 was published Jun 20, 2023

Vulnerability of lax app identity verification in the pre-authorization function. Successful...
High | Unreviewed | CVE-2022-48494 was published Jun 19, 2023

Vulnerability of lax app identity verification in the pre-authorization function. Successful...
High | Unreviewed | CVE-2022-48496 was published Jun 19, 2023

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier...
High | Unreviewed | CVE-2023-30223 was published Jun 16, 2023

Windows 7 is vulnerable to a full blind TCP/IP hijacking attack. The vulnerability exists in...
Moderate | Unreviewed | CVE-2023-34367 was published Jun 14, 2023

Rockwell Automation's FactoryTalk System Services does not verify that a backup configuration...
Moderate | Unreviewed | CVE-2023-2638 was published Jun 13, 2023

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest...
Low | Unreviewed | CVE-2023-20867 was published Jun 13, 2023

Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this...
Critical | Unreviewed | CVE-2023-30762 was published Jun 13, 2023

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All versions >= V1.17.3...
Critical | Unreviewed | CVE-2023-29129 was published Jun 13, 2023

Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
Critical | Unreviewed | CVE-2023-32220 was published Jun 12, 2023
ProTip! Advisories are also available from the GraphQL API.