GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
333 advisories
The Flexi Classic and Flexi Soft Gateways SICK UE410-EN3 FLEXI ETHERNET GATEW., SICK UE410-EN1...
Critical | Unreviewed | CVE-2023-23451 was published Apr 20, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could allow...
Critical | Unreviewed | CVE-2023-29411 was published Apr 18, 2023

A missing authentication for critical function vulnerability [CWE-306] in FortiPresence...
Critical | Unreviewed | CVE-2022-41331 was published Apr 11, 2023

Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP...
Critical | Unreviewed | CVE-2023-27497 was published Apr 11, 2023

This vulnerability allows remote attackers to bypass authentication on affected installations of...
Critical | Unreviewed | CVE-2022-36983 was published Mar 29, 2023

Apache OpenMeetings missing authentication and can allow user impersonation
Critical | CVE-2023-28326 was published for org.apache.openmeetings:openmeetings-parent (Maven) Mar 28, 2023

Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability that...
Critical | Unreviewed | CVE-2023-1140 was published Mar 27, 2023

Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An...
Critical | Unreviewed | CVE-2023-28461 was published Mar 16, 2023

The Akuvox E11 web server can be accessed without any user authentication, and this could allow...
Critical | Unreviewed | CVE-2023-0354 was published Mar 13, 2023

Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241...
Critical | Unreviewed | CVE-2023-27290 was published Mar 4, 2023

An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows...
Critical | Unreviewed | CVE-2022-45551 was published Mar 3, 2023

The configuration backend allows an unauthenticated user to write arbitrary data with root...
Critical | Unreviewed | CVE-2022-45140 was published Feb 27, 2023

The configuration backend of the web-based management can be used by unauthenticated users,...
Critical | Unreviewed | CVE-2022-45138 was published Feb 27, 2023

Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05...
Critical | Unreviewed | CVE-2023-23452 was published Feb 21, 2023

Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05...
Critical | Unreviewed | CVE-2023-23453 was published Feb 21, 2023

A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1...
Critical | Unreviewed | CVE-2023-0906 was published Feb 18, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its...
Critical | Unreviewed | CVE-2023-0102 was published Feb 15, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create...
Critical | Unreviewed | CVE-2023-22804 was published Feb 15, 2023

A CWE-306: Missing Authentication for Critical Function The software does not perform any...
Critical | Unreviewed | CVE-2022-42970 was published Feb 1, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause...
Critical | Unreviewed | CVE-2022-32528 was published Jan 31, 2023

Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4...
Critical | Unreviewed | CVE-2022-42458 was published Dec 7, 2022

The default configuration of Lazy Mouse does not require a password, allowing remote...
Critical | Unreviewed | CVE-2022-45481 was published Dec 5, 2022

PC Keyboard allows remote unauthenticated users to send instructions to the server to execute...
Critical | Unreviewed | CVE-2022-45479 was published Dec 5, 2022

Telepad allows remote unauthenticated users to send instructions to the server to execute...
Critical | Unreviewed | CVE-2022-45477 was published Dec 5, 2022

A vulnerability classified as critical was found in SourceCodester Book Store Management System 1...
Critical | Unreviewed | CVE-2022-4229 was published Nov 30, 2022