Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,247 advisories

Loading
** DISPUTED ** A Missing Authentication for Critical Function issue affecting the HTTP service... Moderate Unreviewed
CVE-2023-6949 was published Apr 2, 2024
u-boot bug that allows for u-boot shell and interrupt over UART Critical Unreviewed
CVE-2023-48426 was published Apr 5, 2024
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart... Moderate Unreviewed
CVE-2023-25493 was published Apr 5, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
A vulnerability was discovered in the firmware builds after 8.0.2.3267 and prior to 8.1.3.1301 in... High Unreviewed
CVE-2024-3281 was published Apr 9, 2024
Windows Update Stack Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-26235 was published Apr 9, 2024
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe... Moderate Unreviewed
CVE-2024-30391 was published Apr 12, 2024
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values... Moderate Unreviewed
CVE-2024-3774 was published Apr 15, 2024
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed
CVE-2024-3777 was published Apr 15, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed
CVE-2024-3701 was published Apr 15, 2024
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an... High Unreviewed
CVE-2023-4857 was published Apr 15, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21007 was published Apr 17, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21006 was published Apr 17, 2024
Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications... Critical Unreviewed
CVE-2024-21014 was published Apr 17, 2024
An unauthenticated attacker can reset the board and stop transmitter operations by sending a... Moderate Unreviewed
CVE-2024-21846 was published Apr 19, 2024
The devices allow access to an unprotected endpoint that allows MPFS file system binary image... High Unreviewed
CVE-2024-1491 was published Apr 19, 2024
Improper Authentication vulnerability in Abdul Hakeem Build App Online allows Privilege... Critical Unreviewed
CVE-2023-51478 was published Apr 25, 2024
A missing authentication for critical function vulnerability has been reported to affect... Critical Unreviewed
CVE-2024-32764 was published Apr 26, 2024
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27357 was published May 3, 2024
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function... High Unreviewed
CVE-2023-38123 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-39457 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2023-39466 was published May 3, 2024
D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-41187 was published May 3, 2024
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-41186 was published May 3, 2024
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network... High Unreviewed
CVE-2023-41183 was published May 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database