Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,414 advisories

Loading
An authentication bypass vulnerability exists in the Authentication functionality of Weston... High Unreviewed
CVE-2022-41985 was published May 10, 2023
Improper authentication in the Intel(R) DCM software before version 5.1 may allow an... High Unreviewed
CVE-2022-44610 was published May 10, 2023
Improper access control vulnerability in AppLock prior to SMR May-2023 Release 1 allows local... High Unreviewed
CVE-2023-21484 was published May 4, 2023
A weak authentication vulnerability [CWE-1390] in FortiNAC-F version 7.2.0, FortiNAC version 9.4... High Unreviewed
CVE-2022-45860 was published May 4, 2023
D-Link DIR-879 v105A1 is vulnerable to Authentication Bypass via phpcgi. High Unreviewed
CVE-2023-30061 was published May 1, 2023
D-Link DIR-890L FW1.10 A1 is vulnerable to Authentication bypass. High Unreviewed
CVE-2023-30063 was published May 1, 2023
Improper Authentication vulnerability in HYPR Keycloak Authenticator Extension allows... High Unreviewed
CVE-2023-1477 was published Apr 28, 2023
NVIDIA DGX-1 SBIOS contains a vulnerability in the Uncore PEI module, where authentication of the... High Unreviewed
CVE-2023-0209 was published Apr 22, 2023
This vulnerability allows remote attackers to bypass authentication on affected installations of... High Unreviewed
CVE-2023-27351 was published Apr 20, 2023
A CWE-287: Improper Authentication vulnerability exists that could allow a device to be... High Unreviewed
CVE-2023-25556 was published Apr 18, 2023
An Improper Authorization vulnerability in the 'sysmanctl' shell command of Juniper Networks... High Unreviewed
CVE-2023-28973 was published Apr 18, 2023
An unauthorized access issue found in XiaoBingby TeaCMS 2.3.3 allows attackers to escalate... High Unreviewed
CVE-2023-27091 was published Apr 4, 2023
Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due... High Unreviewed
CVE-2023-28727 was published Mar 31, 2023
An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse... High Unreviewed
CVE-2023-27535 was published Mar 30, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-43620 was published Mar 29, 2023
An information disclosure vulnerability exists in the User authentication functionality of... High Unreviewed
CVE-2022-45124 was published Mar 20, 2023
Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an... High Unreviewed
CVE-2023-23857 was published Mar 14, 2023
Akuvox E11 cloud login is performed through an unencrypted HTTP connection. An attacker could... High Unreviewed
CVE-2023-0346 was published Mar 13, 2023
An improper authentication vulnerability exists in Avalanche version 6.3.x and below allows... High Unreviewed
CVE-2022-44574 was published Mar 11, 2023
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in... High Unreviewed
CVE-2022-33242 was published Mar 10, 2023
Keycloak vulnerable to user impersonation via stolen UUID code High
CVE-2023-0264 was published for org.keycloak:keycloak-services (Maven) Mar 2, 2023
JorXi
Improper Authentication vulnerability in ABB Symphony Plus S+ Operations allows Man in the Middle... High Unreviewed
CVE-2023-0228 was published Mar 2, 2023
An issue was discovered in Docmosis Tornado prior to version 2.9.5. An unauthenticated attacker... High Unreviewed
CVE-2023-25264 was published Feb 28, 2023
A vulnerability classified as critical has been found in SourceCodester Employee Task Management... High Unreviewed
CVE-2023-0905 was published Feb 18, 2023
Improper authentication in the Intel(R) Quartus Prime Pro and Standard edition software may allow... High Unreviewed
CVE-2022-32570 was published Feb 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database