Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

358 advisories

Loading
SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7... High Unreviewed
CVE-2023-35874 was published Jul 11, 2023
Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows... High Unreviewed
CVE-2022-4240 was published Jul 6, 2023
Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP... High Unreviewed
CVE-2023-27267 was published Jul 6, 2023
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac... High Unreviewed
CVE-2023-0052 was published Jul 6, 2023
Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the... High Unreviewed
CVE-2022-2474 was published Jul 6, 2023
Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1... High Unreviewed
CVE-2023-30643 was published Jul 6, 2023
Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default,... High Unreviewed
CVE-2023-22906 was published Jul 4, 2023
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows... High Unreviewed
CVE-2023-36347 was published Jun 30, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48496 was published Jun 19, 2023
Vulnerability of lax app identity verification in the pre-authorization function.Successful... High Unreviewed
CVE-2022-48494 was published Jun 19, 2023
Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated... High Unreviewed
CVE-2023-31196 was published Jun 13, 2023
The reminder module lacks an authentication mechanism for broadcasts received. Successful... High Unreviewed
CVE-2023-0116 was published May 26, 2023
IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP... High Unreviewed
CVE-2023-31594 was published May 25, 2023
Missing Authentication for critical function vulnerability in HYPR Server allows Authentication... High Unreviewed
CVE-2023-1837 was published May 23, 2023
Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with... High Unreviewed
CVE-2023-23444 was published May 12, 2023
Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which... High Unreviewed
CVE-2023-22441 was published May 10, 2023
Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0... High Unreviewed
CVE-2023-23906 was published May 10, 2023
Mage-ai missing user authentication High
CVE-2023-31143 was published for mage-ai (pip) May 5, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... High Unreviewed
CVE-2023-29413 was published Apr 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2023-21979 was published Apr 18, 2023
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2023-21931 was published Apr 18, 2023
BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This... High Unreviewed
CVE-2023-27747 was published Apr 13, 2023
This vulnerability allows network-adjacent attackers to bypass authentication on affected... High Unreviewed
CVE-2022-27645 was published Mar 29, 2023
When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal... High Unreviewed
CVE-2020-14140 was published Mar 29, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server... High Unreviewed
CVE-2023-27980 was published Mar 21, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database