GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,931
Composer 4,871
Erlang 37
GitHub Actions 36
Go 2,517
Maven 5,956
npm 4,150
NuGet 736
pip 3,952
Pub 12
RubyGems 946
Rust 1,026
Swift 39

Unreviewed advisories

All unreviewed 269,965

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,251 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed

CVE-2023-2781 was published Jun 3, 2023

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2020-36713 was published Jun 7, 2023

The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2020-36724 was published Jun 7, 2023

On Triangle MicroWorks' SCADA Data Gateway version <= v5.01.03, an unauthenticated attacker can... Moderate Unreviewed

CVE-2023-2187 was published Jun 7, 2023

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed

CVE-2023-33553 was published Jun 7, 2023

SAP Plant Connectivity - version 15.5 (PCo) or the Production Connector for SAP Digital... Moderate Unreviewed

CVE-2023-2827 was published Jun 13, 2023

Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this... Critical Unreviewed

CVE-2023-30762 was published Jun 13, 2023

Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated... High Unreviewed

CVE-2023-31196 was published Jun 13, 2023

FINS (Factory Interface Network Service) is a message communication protocol, which is designed... Critical Unreviewed

CVE-2023-27396 was published Jun 19, 2023

A remote unprivileged attacker can modify and access configuration settings on the EventCam App... Critical Unreviewed

CVE-2023-31411 was published Jun 19, 2023

Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed

CVE-2022-48496 was published Jun 19, 2023

Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed

CVE-2022-48494 was published Jun 19, 2023

Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be... Critical Unreviewed

CVE-2023-35854 was published Jun 20, 2023

An unauthenticated attacker within BLE proximity can remotely connect to a 7-Eleven LED Message... Moderate Unreviewed

CVE-2023-34761 was published Jun 28, 2023

STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and... Critical Unreviewed

CVE-2023-35830 was published Jun 29, 2023

The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2023-2834 was published Jun 30, 2023

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows... High Unreviewed

CVE-2023-36347 was published Jun 30, 2023

Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default,... High Unreviewed

CVE-2023-22906 was published Jul 4, 2023

Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1... High Unreviewed

CVE-2023-30643 was published Jul 6, 2023

Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the... High Unreviewed

CVE-2022-2474 was published Jul 6, 2023

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated... Critical Unreviewed

CVE-2022-41629 was published Jul 6, 2023

SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac... High Unreviewed

CVE-2023-0052 was published Jul 6, 2023

In SAP NetWeaver Enterprise Portal - version 7.50, an unauthenticated attacker can attach to an... Moderate Unreviewed

CVE-2023-28761 was published Jul 6, 2023

Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP... High Unreviewed

CVE-2023-27267 was published Jul 6, 2023

In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an... Critical Unreviewed

CVE-2023-30744 was published Jul 6, 2023

Previous 1…28…51 Next

Previous 1 2 … 26 27 28 29 30 … 50 51 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,251 advisories