GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
813 advisories
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read,...
CVE-2024-6422 (Critical, Unreviewed) was published Jul 10, 2024

A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs....
CVE-2023-41918 (Critical, Unreviewed) was published Jul 2, 2024

IBM OpenBMC FW1050.00 through FW1050.10 BMCWeb HTTPS server component could disclose sensitive...
CVE-2024-31916 (High, Unreviewed) was published Jun 27, 2024

STRIMZI incorrect access control
CVE-2024-36543 (High) was published for io.strimzi:strimzi (Maven) Jun 17, 2024

Toshiba printers provides API without authentication for internal access. A local attacker can...
CVE-2024-27169 (High, Unreviewed) was published Jun 14, 2024

Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure...
CVE-2024-5947 (Moderate, Unreviewed) was published Jun 13, 2024

Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This...
CVE-2024-5952 (Moderate, Unreviewed) was published Jun 13, 2024

Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability....
CVE-2024-5951 (High, Unreviewed) was published Jun 13, 2024

An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway...
CVE-2024-2013 (Critical, Unreviewed) was published Jun 11, 2024

Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import...
CVE-2024-34800 (High, Unreviewed) was published Jun 10, 2024

Under certain circumstances communications between the ICU tool and an iSTAR Pro door controller...
CVE-2024-32752 (High, Unreviewed) was published Jun 6, 2024

IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40...
CVE-2024-22326 (Moderate, Unreviewed) was published Jun 6, 2024

Unauthenticated Access to sensitive settings in Argo CD
CVE-2024-37152 (Moderate) was published for github.com/argoproj/argo-cd/v2/server (Go) Jun 6, 2024

A vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an...
CVE-2024-20391 (Moderate, Unreviewed) was published May 15, 2024

When configuring Arc (e.g. during the first setup), a local web interface is provided to ease the...
CVE-2023-5935 (High, Unreviewed) was published May 15, 2024

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected...
CVE-2024-27942 (High, Unreviewed) was published May 14, 2024

An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel...
CVE-2024-32735 (Critical, Unreviewed) was published May 14, 2024

The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an...
CVE-2024-2860 (High, Unreviewed) was published May 8, 2024

NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information...
CVE-2021-34983 (Moderate, Unreviewed) was published May 8, 2024

D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows...
CVE-2023-37325 (Moderate, Unreviewed) was published May 8, 2024

By design, the DHCP protocol does not authenticate messages, including for example the classless...
CVE-2024-3661 (High, Unreviewed) was published May 6, 2024

Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure...
CVE-2023-51587 (High, Unreviewed) was published May 3, 2024

D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution...
CVE-2023-50199 (High, Unreviewed) was published May 3, 2024

Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability...
CVE-2023-42121 (Critical, Unreviewed) was published May 3, 2024

D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability. This...
CVE-2023-44413 (Moderate, Unreviewed) was published May 3, 2024

ProTip! Advisories are also available from the GraphQL API