Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,270 advisories

Loading
Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote... High Unreviewed
CVE-2023-44302 was published Dec 4, 2023
An improper authentication vulnerability in the authentication module of the Zyxel NAS326... High Unreviewed
CVE-2023-35137 was published Nov 30, 2023
An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote... High Unreviewed
CVE-2023-41999 was published Nov 27, 2023
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can... High Unreviewed
CVE-2023-4677 was published Nov 23, 2023
Memory Corruption in Core due to secure memory access by user while loading modem image. High Unreviewed
CVE-2023-24852 was published Nov 14, 2023
An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any... High Unreviewed
CVE-2023-29975 was published Nov 10, 2023
A locally authenticated attacker with low privileges can bypass authentication due to insecure... High Unreviewed
CVE-2022-44569 was published Nov 3, 2023
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism... High Unreviewed
CVE-2023-5627 was published Nov 1, 2023
A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This... High Unreviewed
CVE-2023-5830 was published Oct 27, 2023
An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal... High Unreviewed
CVE-2023-35794 was published Oct 27, 2023
Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain... High Unreviewed
CVE-2023-46290 was published Oct 27, 2023
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27375 was published Oct 25, 2023
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27259 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in... High Unreviewed
CVE-2023-27377 was published Oct 25, 2023
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27257 was published Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application... High Unreviewed
CVE-2023-27258 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27376 was published Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26576 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-26570 was published Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26571 was published Oct 25, 2023
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26574 was published Oct 25, 2023
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073,... High Unreviewed
CVE-2023-5246 was published Oct 23, 2023
The affected product is vulnerable to an improper authentication vulnerability, which... High Unreviewed
CVE-2023-41089 was published Oct 19, 2023
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local... High Unreviewed
CVE-2023-23632 was published Oct 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database