GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,117
Composer 4,330
Erlang 31
GitHub Actions 21
Go 2,091
Maven 5,253
npm 3,756
NuGet 678
pip 3,443
Pub 12
RubyGems 892
Rust 882
Swift 37

Unreviewed advisories

All unreviewed 242,038

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

339 advisories

Filter by severity

Sort by

Least recently updated

The Akuvox E11 web server can be accessed without any user authentication, and this could allow... Critical Unreviewed

CVE-2023-0354 was published Mar 13, 2023

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An... Critical Unreviewed

CVE-2023-28461 was published Mar 16, 2023

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability that... Critical Unreviewed

CVE-2023-1140 was published Mar 27, 2023

Apache OpenMeetings missing authentication and can allow user impersonation Critical

CVE-2023-28326 was published for org.apache.openmeetings:openmeetings-parent (Maven) Mar 28, 2023

This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed

CVE-2022-36983 was published Mar 29, 2023

Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP... Critical Unreviewed

CVE-2023-27497 was published Apr 11, 2023

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence... Critical Unreviewed

CVE-2022-41331 was published Apr 11, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow... Critical Unreviewed

CVE-2023-29411 was published Apr 18, 2023

The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1... Critical Unreviewed

CVE-2023-23451 was published Apr 20, 2023

A vulnerability, which was classified as critical, was found in MAXTECH MAX-G866ac 0.4... Critical Unreviewed

CVE-2023-2231 was published Apr 21, 2023

Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote... Critical Unreviewed

CVE-2023-28697 was published Apr 27, 2023

A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters could... Critical Unreviewed

CVE-2023-20126 was published May 4, 2023

The BP Social Connect plugin for WordPress is vulnerable to authentication bypass in versions up... Critical Unreviewed

CVE-2023-2704 was published May 19, 2023

It is identified a vulnerability of insufficient authentication in the system configuration... Critical Unreviewed

CVE-2023-30604 was published Jun 2, 2023

The User Email Verification for WooCommerce plugin for WordPress is vulnerable to authentication... Critical Unreviewed

CVE-2023-2781 was published Jun 3, 2023

The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2020-36713 was published Jun 7, 2023

The Wordable plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2020-36724 was published Jun 7, 2023

An issue in Planet Technologies WDRT-1800AX v1.01-CP21 allows attackers to bypass authentication... Critical Unreviewed

CVE-2023-33553 was published Jun 7, 2023

Improper authentication vulnerability exists in KB-AHR series and KB-IRIP series. If this... Critical Unreviewed

CVE-2023-30762 was published Jun 13, 2023

FINS (Factory Interface Network Service) is a message communication protocol, which is designed... Critical Unreviewed

CVE-2023-27396 was published Jun 19, 2023

A remote unprivileged attacker can modify and access configuration settings on the EventCam App... Critical Unreviewed

CVE-2023-31411 was published Jun 19, 2023

Zoho ManageEngine ADSelfService Plus through 6113 has an authentication bypass that can be... Critical Unreviewed

CVE-2023-35854 was published Jun 20, 2023

STW (aka Sensor-Technik Wiedemann) TCG-4 Connectivity Module DeploymentPackage_v3.03r0-Impala and... Critical Unreviewed

CVE-2023-35830 was published Jun 29, 2023

The BookIt plugin for WordPress is vulnerable to authentication bypass in versions up to, and... Critical Unreviewed

CVE-2023-2834 was published Jun 30, 2023

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated... Critical Unreviewed

CVE-2022-41629 was published Jul 6, 2023

Previous 1 2 … 8 9 10 11 12 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

339 advisories