GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
813 advisories
Filter by severity
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network...
High
Unreviewed
CVE-2023-41183
was published
May 3, 2024
D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-41187
was published
May 3, 2024
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2023-41186
was published
May 3, 2024
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure...
Moderate
Unreviewed
CVE-2023-39466
was published
May 3, 2024
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability...
Critical
Unreviewed
CVE-2023-39457
was published
May 3, 2024
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function...
High
Unreviewed
CVE-2023-38123
was published
May 3, 2024
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This...
Moderate
Unreviewed
CVE-2023-27357
was published
May 3, 2024
A missing authentication for critical function vulnerability has been reported to affect...
Critical
Unreviewed
CVE-2024-32764
was published
Apr 26, 2024
An unauthenticated attacker can reset the board and stop transmitter
operations by sending a...
Moderate
Unreviewed
CVE-2024-21846
was published
Apr 19, 2024
The devices allow access to an unprotected endpoint that allows MPFS
file system binary image...
High
Unreviewed
CVE-2024-1491
was published
Apr 19, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2024-21007
was published
Apr 17, 2024
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an...
High
Unreviewed
CVE-2023-4857
was published
Apr 15, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an...
Critical
Unreviewed
CVE-2024-3701
was published
Apr 15, 2024
A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine (pfe...
Moderate
Unreviewed
CVE-2024-30391
was published
Apr 12, 2024
Windows Update Stack Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-26235
was published
Apr 9, 2024
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart...
Moderate
Unreviewed
CVE-2023-25493
was published
Apr 5, 2024
** DISPUTED ** A Missing Authentication for Critical Function issue affecting the HTTP service...
Moderate
Unreviewed
CVE-2023-6949
was published
Apr 2, 2024
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service...
High
Unreviewed
CVE-2023-51571
was published
Apr 2, 2024
Missing Authorization vulnerability in ThemeHunk Advance WordPress Search Plugin.This issue...
Moderate
Unreviewed
CVE-2022-38057
was published
Mar 25, 2024
Jupyter Server Proxy's Websocket Proxying does not require authentication
Critical
CVE-2024-28179
was published
for
jupyter-server-proxy
(pip)
Mar 20, 2024
Apache Pulsar: Improper Authentication for Pulsar Proxy Statistics Endpoint
High
CVE-2022-34321
was published
for
org.apache.pulsar:pulsar-proxy
(Maven)
Mar 12, 2024
An unauthenticated remote attacker can modify configurations to perform a remote code execution...
Critical
Unreviewed
CVE-2024-25995
was published
Mar 12, 2024
RPyC's missing security check results in code execution when using numpy.array on the server-side.
High
CVE-2024-27758
was published
for
rpyc
(pip)
Mar 6, 2024
A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2024-2076
was published
Mar 1, 2024
Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful...
Unknown
Unreviewed
CVE-2022-48621
was published
Feb 18, 2024
ProTip!
Advisories are also available from the
GraphQL API