GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
749 advisories
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052...
Severity: High | Unreviewed | CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and...
Severity: High | Unreviewed | CVE-2023-26571 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb...
Severity: High | Unreviewed | CVE-2023-26570 was published Oct 25, 2023
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to...
Severity: High | Unreviewed | CVE-2023-43045 was published Oct 23, 2023
Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality...
Severity: High | Unreviewed | CVE-2023-22087 was published Oct 18, 2023
Vulnerability of access permissions not being strictly verified in the APPWidget module...
Severity: Critical | Unreviewed | CVE-2023-44116 was published Oct 11, 2023
Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete...
Severity: Critical | Unreviewed | CVE-2023-43271 was published Oct 9, 2023
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored...
Severity: High | Unreviewed | CVE-2023-4884 was published Oct 3, 2023
Sensitive information disclosure and manipulation due to improper authentication. The following...
Severity: Moderate | Unreviewed | CVE-2023-44152 was published Sep 27, 2023
The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable...
Severity: Moderate | Unreviewed | CVE-2023-4505 was published Sep 27, 2023
The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP...
Severity: Moderate | Unreviewed | CVE-2023-4506 was published Sep 27, 2023
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX...
Severity: Moderate | Unreviewed | CVE-2023-36851 was published Sep 27, 2023
Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas...
Severity: Critical | Unreviewed | CVE-2023-4702 was published Sep 14, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update...
Severity: High | Unreviewed | CVE-2023-4516 was published Sep 14, 2023
Due to missing authentication check in webdynpro application, an unauthorized user in SAP...
Severity: Moderate | Unreviewed | CVE-2023-41367 was published Sep 13, 2023
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering...
Severity: High | Unreviewed | CVE-2023-34392 was published Aug 31, 2023
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external...
Severity: High | Unreviewed | CVE-2023-40598 was published Aug 30, 2023
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication...
Severity: High | Unreviewed | CVE-2023-38030 was published Aug 28, 2023
Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An...
Severity: Critical | Unreviewed | CVE-2023-38028 was published Aug 28, 2023
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the...
Severity: High | Unreviewed | CVE-2023-38422 was published Aug 24, 2023
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX...
Severity: Moderate | Unreviewed | CVE-2023-36846 was published Aug 17, 2023
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX...
Severity: Moderate | Unreviewed | CVE-2023-36847 was published Aug 17, 2023
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any...
Severity: High | Unreviewed | CVE-2023-4335 was published Aug 15, 2023
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
Severity: High | Unreviewed | CVE-2023-4334 was published Aug 15, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected...
Severity: High | Unreviewed | CVE-2023-37373 was published Aug 8, 2023
ProTip! Advisories are also available from the GraphQL API.