Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

299 advisories

Loading
Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08... High Unreviewed
CVE-2019-11019 was published May 24, 2022
hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the... High Unreviewed
CVE-2019-12174 was published May 24, 2022
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak... High Unreviewed
CVE-2019-3411 was published May 24, 2022
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3... High Unreviewed
CVE-2019-9727 was published May 24, 2022
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated... High Unreviewed
CVE-2019-7404 was published May 24, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module. High Unreviewed
CVE-2011-4322 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank... High Unreviewed
CVE-2011-2187 was published Apr 22, 2022
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service... High Unreviewed
CVE-2023-51571 was published Apr 2, 2024
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information... High Unreviewed
CVE-2020-25966 was published May 24, 2022
** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and... High Unreviewed
CVE-2020-27986 was published May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port... High Unreviewed
CVE-2020-15483 was published May 24, 2022
Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a... High Unreviewed
CVE-2022-30313 was published Jul 29, 2022
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement.... High Unreviewed
CVE-2022-30276 was published Jul 27, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with... High Unreviewed
CVE-2004-0213 was published Apr 29, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server... High Unreviewed
CVE-2002-1810 was published Apr 30, 2022
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication... High Unreviewed
CVE-2023-40545 was published Feb 6, 2024
The cloud provider MachineSense uses for integration and deployment for multiple MachineSense... High Unreviewed
CVE-2023-6221 was published Feb 2, 2024
MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote... High Unreviewed
CVE-2023-49115 was published Feb 2, 2024
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation... High Unreviewed
CVE-2023-6942 was published Jan 30, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2023-40393 was published Jan 11, 2024
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions)... High Unreviewed
CVE-2022-45794 was published Jan 11, 2024
Windows LSA Spoofing Vulnerability. High Unreviewed
CVE-2022-26925 was published May 11, 2022
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2023-40401 was published Oct 25, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an... High Unreviewed
CVE-2023-6595 was published Dec 14, 2023
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An... High Unreviewed
CVE-2023-32460 was published Dec 8, 2023
ProTip! Advisories are also available from the GraphQL API