GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,231
Erlang: 31
GitHub Actions: 20
Go: 1,991
Maven: 5,000+
npm: 3,709
NuGet: 661
pip: 3,341
Pub: 11
RubyGems: 884
Rust: 846
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
1,419 advisories

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS...
CVE-2022-48618 was published Jan 9, 2024 (High, Unreviewed)

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service....
CVE-2023-5376 was published Jan 9, 2024 (High, Unreviewed)

A vulnerability was found in OneNav up to 0.9.33. It has been classified as critical. This...
CVE-2023-7210 was published Jan 7, 2024 (High, Unreviewed)

Omniauth::MicrosoftGraph Account takeover (nOAuth)
CVE-2024-21632 was published for omniauth-microsoft_graph (RubyGems) Jan 3, 2024 (High)

Arris DG860A and DG1670A devices have predictable default WPA2 PSKs that could lead to...
CVE-2023-40038 was published Dec 27, 2023 (High, Unreviewed)

Bentley eB System Management Console applications within Assetwise Integrity Information Server...
CVE-2023-51708 was published Dec 22, 2023 (High, Unreviewed)

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed...
CVE-2023-6847 was published Dec 21, 2023 (High, Unreviewed)

Apache Pulsar WebSocket Proxy contains an Improper Authentication vulnerability
CVE-2023-37544 was published for org.apache.pulsar:pulsar-websocket (Maven) Dec 20, 2023 (High)

Authentication bypass vulnerability in navidrome's subsonic endpoint
CVE-2023-51442 was published for github.com/navidrome/navidrome (Go) Dec 19, 2023 (High)

** UNSUPPORTED WHEN ASSIGNED ** An improper authentication vulnerability [CWE-287] in Fortinet...
CVE-2023-44252 was published Dec 13, 2023 (High, Unreviewed)

Improper Authentication vulnerability in Nadatel DVR allows Information Elicitation. This issue...
CVE-2023-45801 was published Dec 13, 2023 (High, Unreviewed)

Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2...
CVE-2023-36648 was published Dec 12, 2023 (High, Unreviewed)

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate...
CVE-2023-45866 was published Dec 8, 2023 (High, Unreviewed)

The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass...
CVE-2023-6514 was published Dec 6, 2023 (High, Unreviewed)

Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated...
CVE-2023-5970 was published Dec 5, 2023 (High, Unreviewed)

An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows...
CVE-2023-47304 was published Dec 5, 2023 (High, Unreviewed)

Transient DOS in Automotive OS due to improper authentication to the secure IO calls.
CVE-2023-33070 was published Dec 5, 2023 (High, Unreviewed)

Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows...
CVE-2023-5808 was published Dec 5, 2023 (High, Unreviewed)

Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote...
CVE-2023-44302 was published Dec 4, 2023 (High, Unreviewed)

An improper authentication vulnerability in the authentication module of the Zyxel NAS326...
CVE-2023-35137 was published Nov 30, 2023 (High, Unreviewed)

Apache ActiveMQ Deserialization of Untrusted Data vulnerability
CVE-2022-41678 was published for org.apache.activemq:apache-activemq (Maven) Nov 28, 2023 (High)

An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote...
CVE-2023-41999 was published Nov 27, 2023 (High, Unreviewed)

Cron log backup files contain administrator session IDs. It is trivial for any attacker who can...
CVE-2023-4677 was published Nov 23, 2023 (High, Unreviewed)

Memory Corruption in Core due to secure memory access by user while loading modem image.
CVE-2023-24852 was published Nov 14, 2023 (High, Unreviewed)

An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any...
CVE-2023-29975 was published Nov 10, 2023 (High, Unreviewed)