GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,414 advisories
IBM Planning Analytics Cartridge for Cloud Pak for Data 4.0 connects to a CouchDB server. An...
High | Unreviewed | CVE-2023-27877 was published Jul 19, 2023

Improper Authentication vulnerability in miniOrange OAuth Single Sign On – SSO (OAuth Client)...
High | Unreviewed | CVE-2022-34155 was published Jul 18, 2023

Mattermost fails to invalidate previously generated password reset tokens when a new reset token...
High | Unreviewed | CVE-2023-3591 was published Jul 17, 2023

Authentication Bypass by Primary Weakness vulnerability in Oliva Expertise Oliva Expertise EKS...
High | Unreviewed | CVE-2023-2959 was published Jul 17, 2023

A hidden API exists in TapHome's core platform before version 2023.2 that allows an authenticated...
High | Unreviewed | CVE-2023-2759 was published Jul 17, 2023

DroneScout ds230 Remote ID receiver from BlueMark Innovations is affected by an Improper...
High | Unreviewed | CVE-2023-31190 was published Jul 11, 2023

SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7...
High | Unreviewed | CVE-2023-35874 was published Jul 11, 2023

The Profile Builder – User Profile & User Registration Forms plugin for WordPress is vulnerable...
High | Unreviewed | CVE-2023-2297 was published Jul 6, 2023

A support user exists on the device and appears to be a backdoor for Technical Support staff. The...
High | Unreviewed | CVE-2022-47209 was published Jul 6, 2023

Sealos billing system permission control defect
High | CVE-2023-36815 was published for github.com/labring/sealos (Go) Jun 30, 2023

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that...
High | Unreviewed | CVE-2023-32524 was published Jun 27, 2023

Affected versions of Trend Micro Mobile Security (Enterprise) 9.8 SP5 contain some widgets that...
High | Unreviewed | CVE-2023-32523 was published Jun 27, 2023

Dell BIOS contains an improper authentication vulnerability. A locally authenticated malicious...
High | Unreviewed | CVE-2023-28073 was published Jun 23, 2023

A vulnerability was found in PuneethReddyHC Online Shopping System Advanced 1.0. It has been...
High | Unreviewed | CVE-2023-3337 was published Jun 20, 2023

Vulnerability of lax app identity verification in the pre-authorization function. Successful...
High | Unreviewed | CVE-2022-48494 was published Jun 19, 2023

Vulnerability of lax app identity verification in the pre-authorization function. Successful...
High | Unreviewed | CVE-2022-48496 was published Jun 19, 2023

A broken authentication vulnerability in 4D SAS 4D Server software v17, v18, v19 R7, and earlier...
High | Unreviewed | CVE-2023-30223 was published Jun 16, 2023

Transient DOS due to improper authentication in modem while receiving plain TLB OTA request...
High | Unreviewed | CVE-2022-40536 was published Jun 6, 2023

Transient DOS due to improper authorization in Modem
High | Unreviewed | CVE-2022-40521 was published Jun 6, 2023

Authentication bypass vulnerability in Qrio Lock (Q-SL2) firmware version 2.0.9 and earlier...
High | Unreviewed | CVE-2023-25946 was published May 23, 2023

Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75...
High | Unreviewed | CVE-2023-2024 was published May 18, 2023

Improper Authentication vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox ...
High | Unreviewed | CVE-2023-0863 was published May 17, 2023

The OTP Login Woocommerce & Gravity Forms plugin for WordPress is vulnerable to authentication...
High | Unreviewed | CVE-2023-2706 was published May 17, 2023

Apache OpenMeetings Improper Authentication vulnerability
High | CVE-2023-29032 was published for org.apache.openmeetings:openmeetings-parent (Maven) May 12, 2023

An Authentication Bypass Using an Alternate Path or Channel vulnerability in the Schweitzer...
High | Unreviewed | CVE-2023-31152 was published May 10, 2023

Advisories are also available from the GraphQL API.