GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,871
Erlang: 37
GitHub Actions: 36
Go: 2,504
Maven: 5,000+
npm: 4,149
NuGet: 735
pip: 3,949
Pub: 12
RubyGems: 945
Rust: 1,025
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,423 advisories
A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4...
High | Unreviewed | CVE-2022-45860 was published May 4, 2023

Sensitive information disclosure due to improper authentication. The following products are...
Critical | Unreviewed | CVE-2022-30995 was published May 3, 2023

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password...
Critical | Unreviewed | CVE-2022-35898 was published May 1, 2023

D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass.
High | Unreviewed | CVE-2023-30063 was published May 1, 2023

D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi.
High | Unreviewed | CVE-2023-30061 was published May 1, 2023

Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows...
High | Unreviewed | CVE-2023-1477 was published Apr 28, 2023

This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 ...
Critical | Unreviewed | CVE-2023-1778 was published Apr 27, 2023

Denial of service due to unauthenticated API endpoint. The following products are affected:...
Low | Unreviewed | CVE-2022-45456 was published Apr 26, 2023

The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID...
Moderate | Unreviewed | CVE-2022-40723 was published Apr 25, 2023

Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and...
Critical | Unreviewed | CVE-2023-25131 was published Apr 24, 2023

NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the...
High | Unreviewed | CVE-2023-0209 was published Apr 22, 2023

This vulnerability allows remote attackers to bypass authentication on affected installations of...
High | Unreviewed | CVE-2023-27351 was published Apr 20, 2023

A CWE-287: Improper Authentication vulnerability exists that could allow a device to be...
High | Unreviewed | CVE-2023-25556 was published Apr 18, 2023

An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10...
Critical | Unreviewed | CVE-2021-40507 was published Apr 18, 2023

An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10...
Critical | Unreviewed | CVE-2021-40506 was published Apr 18, 2023

An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks...
High | Unreviewed | CVE-2023-28973 was published Apr 18, 2023

An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of...
Critical | Unreviewed | CVE-2023-28962 was published Apr 18, 2023

An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper...
Moderate | Unreviewed | CVE-2023-28963 was published Apr 18, 2023

The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing...
Moderate | Unreviewed | CVE-2022-48314 was published Apr 16, 2023

The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in...
Critical | Unreviewed | CVE-2023-2027 was published Apr 15, 2023

A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow...
Moderate | Unreviewed | CVE-2023-25597 was published Apr 14, 2023

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor...
Critical | Unreviewed | CVE-2022-45173 was published Apr 14, 2023

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor...
Critical | Unreviewed | CVE-2022-45174 was published Apr 14, 2023

Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware...
Critical | Unreviewed | CVE-2023-1803 was published Apr 14, 2023

Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router...
Critical | Unreviewed | CVE-2023-1833 was published Apr 14, 2023

ProTip! Advisories are also available from the GraphQL API.