GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
SAUTER Controls Nova 200–220 Series with firmware version 3.3-006 and prior and BACnetstac...
High | Unreviewed | CVE-2023-0052 was published Jul 6, 2023
Windows Update Stack Elevation of Privilege Vulnerability
High | Unreviewed | CVE-2024-26235 was published Apr 9, 2024
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which...
High | Unreviewed | CVE-2022-22576 was published May 27, 2022
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1...
High | Unreviewed | CVE-2023-27257 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb...
High | Unreviewed | CVE-2023-27375 was published Oct 25, 2023
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1...
High | Unreviewed | CVE-2023-27259 was published Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application...
High | Unreviewed | CVE-2023-27258 was published Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052...
High | Unreviewed | CVE-2023-26576 was published Oct 25, 2023
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the...
High | Unreviewed | CVE-2023-26580 was published Oct 25, 2023
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and...
High | Unreviewed | CVE-2023-26574 was published Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052...
High | Unreviewed | CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and...
High | Unreviewed | CVE-2023-26571 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb...
High | Unreviewed | CVE-2023-26570 was published Oct 25, 2023
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to...
High | Unreviewed | CVE-2023-43045 was published Oct 23, 2023
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored...
High | Unreviewed | CVE-2023-4884 was published Oct 3, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the IGSS Update...
High | Unreviewed | CVE-2023-4516 was published Sep 14, 2023
A Missing Authentication for Critical Function vulnerability in the Schweitzer Engineering...
High | Unreviewed | CVE-2023-34392 was published Aug 31, 2023
Saho’s attendance devices ADM100 and ADM-100FP have a vulnerability of missing authentication...
High | Unreviewed | CVE-2023-38030 was published Aug 28, 2023
Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the...
High | Unreviewed | CVE-2023-38422 was published Aug 24, 2023
Broadcom RAID Controller Web server (nginx) is serving private server-side files without any...
High | Unreviewed | CVE-2023-4335 was published Aug 15, 2023
Broadcom RAID Controller Web server (nginx) is serving private files without any authentication
High | Unreviewed | CVE-2023-4334 was published Aug 15, 2023
A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected...
High | Unreviewed | CVE-2023-37373 was published Aug 8, 2023
Missing Authentication for Critical Function vulnerability in Honeywell OneWireless allows...
High | Unreviewed | CVE-2022-4240 was published Jul 6, 2023
Due to missing authentication and insufficient input validation, the OSCommand Bridge of SAP...
High | Unreviewed | CVE-2023-27267 was published Jul 6, 2023
Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the...
High | Unreviewed | CVE-2022-2474 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API.