Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

358 advisories

Loading
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27257 was published Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application... High Unreviewed
CVE-2023-27258 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27376 was published Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26576 was published Oct 25, 2023
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the... High Unreviewed
CVE-2023-26580 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-26570 was published Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26571 was published Oct 25, 2023
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26574 was published Oct 25, 2023
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to... High Unreviewed
CVE-2023-43045 was published Oct 23, 2023
Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality... High Unreviewed
CVE-2023-22087 was published Oct 18, 2023
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored... High Unreviewed
CVE-2023-4884 was published Oct 3, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update... High Unreviewed
CVE-2023-4516 was published Sep 14, 2023
Answer Missing Authentication for Critical Function High
CVE-2023-4815 was published for github.com/answerdev/answer (Go) Sep 7, 2023
A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions... High Unreviewed
CVE-2023-39981 was published Sep 2, 2023
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering... High Unreviewed
CVE-2023-34392 was published Aug 31, 2023
In Splunk Enterprise versions below 8.2.12, 9.0.6, and 9.1.1, an attacker can create an external... High Unreviewed
CVE-2023-40598 was published Aug 30, 2023
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication... High Unreviewed
CVE-2023-38030 was published Aug 28, 2023
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the... High Unreviewed
CVE-2023-38422 was published Aug 24, 2023
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication High Unreviewed
CVE-2023-4334 was published Aug 15, 2023
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any... High Unreviewed
CVE-2023-4335 was published Aug 15, 2023
Permission control vulnerability in the audio module. Successful exploitation of this... High Unreviewed
CVE-2023-39380 was published Aug 13, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected... High Unreviewed
CVE-2023-37373 was published Aug 8, 2023
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component:... High Unreviewed
CVE-2023-22047 was published Jul 18, 2023
The web interface on the RIGOL MSO5000 digital oscilloscope with firmware 00.01.03.00.03 allows... High Unreviewed
CVE-2023-38379 was published Jul 16, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database