GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
748 advisories
Filter by severity
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation...
High
Unreviewed
CVE-2022-43555
was published
Nov 3, 2023
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation...
High
Unreviewed
CVE-2022-43554
was published
Nov 3, 2023
Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of authentication bypass, which allows an...
Critical
Unreviewed
CVE-2023-41351
was published
Nov 3, 2023
TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can...
High
Unreviewed
CVE-2023-46978
was published
Oct 31, 2023
Undisclosed requests may bypass configuration utility authentication, allowing an attacker...
Critical
Unreviewed
CVE-2023-46747
was published
Oct 26, 2023
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura...
High
Unreviewed
CVE-2023-40401
was published
Oct 25, 2023
An authentication issue was addressed with improved state management. This issue is fixed in...
Moderate
Unreviewed
CVE-2023-42845
was published
Oct 25, 2023
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker...
High
Unreviewed
CVE-2023-45851
was published
Oct 25, 2023
The Android Client application, when enrolled with the define method 1(the user manually inserts...
High
Unreviewed
CVE-2023-45220
was published
Oct 25, 2023
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius...
Critical
Unreviewed
CVE-2023-39930
was published
Oct 25, 2023
PingFederate using the PingOne MFA adapter allows a new MFA device to be paired without requiring...
Moderate
Unreviewed
CVE-2023-39231
was published
Oct 25, 2023
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to...
High
Unreviewed
CVE-2023-41255
was published
Oct 25, 2023
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1...
High
Unreviewed
CVE-2023-27259
was published
Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application...
High
Unreviewed
CVE-2023-27258
was published
Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052...
High
Unreviewed
CVE-2023-26576
was published
Oct 25, 2023
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the...
High
Unreviewed
CVE-2023-26580
was published
Oct 25, 2023
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1...
High
Unreviewed
CVE-2023-27257
was published
Oct 25, 2023
Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows...
Moderate
Unreviewed
CVE-2023-26579
was published
Oct 25, 2023
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb...
High
Unreviewed
CVE-2023-27376
was published
Oct 25, 2023
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3...
Moderate
Unreviewed
CVE-2023-27261
was published
Oct 25, 2023
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb...
High
Unreviewed
CVE-2023-27375
was published
Oct 25, 2023
Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and...
Moderate
Unreviewed
CVE-2023-27256
was published
Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and...
High
Unreviewed
CVE-2023-26571
was published
Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb...
High
Unreviewed
CVE-2023-26570
was published
Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052...
High
Unreviewed
CVE-2023-26575
was published
Oct 25, 2023
ProTip!
Advisories are also available from the
GraphQL API