GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,470

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

749 advisories

Filter by severity

Sort by

Least recently updated

Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052... High Unreviewed

CVE-2023-26575 was published Oct 25, 2023

Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed

CVE-2023-26571 was published Oct 25, 2023

Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb... High Unreviewed

CVE-2023-26570 was published Oct 25, 2023

IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to... High Unreviewed

CVE-2023-43045 was published Oct 23, 2023

Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality... High Unreviewed

CVE-2023-22087 was published Oct 18, 2023

Vulnerability of access permissions not being strictly verified in the APPWidget module... Critical Unreviewed

CVE-2023-44116 was published Oct 11, 2023

Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete... Critical Unreviewed

CVE-2023-43271 was published Oct 9, 2023

An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored... High Unreviewed

CVE-2023-4884 was published Oct 3, 2023

Sensitive information disclosure and manipulation due to improper authentication. The following... Moderate Unreviewed

CVE-2023-44152 was published Sep 27, 2023

The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable... Moderate Unreviewed

CVE-2023-4505 was published Sep 27, 2023

The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP... Moderate Unreviewed

CVE-2023-4506 was published Sep 27, 2023

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX... Moderate Unreviewed

CVE-2023-36851 was published Sep 27, 2023

Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas... Critical Unreviewed

CVE-2023-4702 was published Sep 14, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update... High Unreviewed

CVE-2023-4516 was published Sep 14, 2023

Due to missing authentication check in webdynpro application, an unauthorized user in SAP... Moderate Unreviewed

CVE-2023-41367 was published Sep 13, 2023

A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering... High Unreviewed

CVE-2023-34392 was published Aug 31, 2023

In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external... High Unreviewed

CVE-2023-40598 was published Aug 30, 2023

Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication... High Unreviewed

CVE-2023-38030 was published Aug 28, 2023

Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An... Critical Unreviewed

CVE-2023-38028 was published Aug 28, 2023

Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the... High Unreviewed

CVE-2023-38422 was published Aug 24, 2023

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX... Moderate Unreviewed

CVE-2023-36846 was published Aug 17, 2023

A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX... Moderate Unreviewed

CVE-2023-36847 was published Aug 17, 2023

Broadcom RAID Controller Web server (nginx) is serving private server-side files without any... High Unreviewed

CVE-2023-4335 was published Aug 15, 2023

Broadcom RAID Controller Web server (nginx) is serving private files without any authentication High Unreviewed

CVE-2023-4334 was published Aug 15, 2023

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected... High Unreviewed

CVE-2023-37373 was published Aug 8, 2023

Previous 1 2 3 4 5 6 7 8 … 29 30 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

749 advisories