GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
Lack of authentication in case-exporting components in DDRT Dashcom Live through 2019-05-08...
High
Unreviewed
CVE-2019-11019 was published May 24, 2022
hide.me before 2.4.4 on macOS suffers from a privilege escalation vulnerability in the...
High
Unreviewed
CVE-2019-12174 was published May 24, 2022
All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak...
High
Unreviewed
CVE-2019-3411 was published May 24, 2022
Unauthenticated password hash disclosure in the User.getUserPWD method in eQ-3 AG Homematic CCU3...
High
Unreviewed
CVE-2019-9727 was published May 24, 2022
An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 routers. An unauthenticated...
High
Unreviewed
CVE-2019-7404 was published May 24, 2022
websitebaker prior to and including 2.8.1 has an authentication error in backup module.
High
Unreviewed
CVE-2011-4322 was published Apr 22, 2022
xscreensaver before 5.14 crashes during activation and leaves the screen unlocked when in Blank...
High
Unreviewed
CVE-2011-2187 was published Apr 22, 2022
Voltronic Power ViewPower Pro SocketService Missing Authentication Denial-of-Service...
High
Unreviewed
CVE-2023-51571 was published Apr 2, 2024
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information...
High
Unreviewed
CVE-2020-25966 was published May 24, 2022
** DISPUTED ** SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and...
High
Unreviewed
CVE-2020-27986 was published May 24, 2022
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The physical UART debug port...
High
Unreviewed
CVE-2020-15483 was published May 24, 2022
Honeywell Experion PKS Safety Manager through 2022-05-06 has Missing Authentication for a...
High
Unreviewed
CVE-2022-30313 was published Jul 29, 2022
The Motorola MOSCAD and ACE line of RTUs through 2022-05-02 omit an authentication requirement....
High
Unreviewed
CVE-2022-30276 was published Jul 27, 2022
Utility Manager in Windows 2000 launches winhlp32.exe while Utility Manager is running with...
High
Unreviewed
CVE-2004-0213 was published Apr 29, 2022
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server...
High
Unreviewed
CVE-2002-1810 was published Apr 30, 2022
Authentication bypass when an OAuth2 Client is using client_secret_jwt as its authentication...
High
Unreviewed
CVE-2023-40545 was published Feb 6, 2024
The cloud provider MachineSense uses for integration and deployment for multiple MachineSense...
High
Unreviewed
CVE-2023-6221 was published Feb 2, 2024
MachineSense devices use unauthenticated MQTT messaging to monitor devices and remote...
High
Unreviewed
CVE-2023-49115 was published Feb 2, 2024
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation...
High
Unreviewed
CVE-2023-6942 was published Jan 30, 2024
An authentication issue was addressed with improved state management. This issue is fixed in...
High
Unreviewed
CVE-2023-40393 was published Jan 11, 2024
An attacker with network access to the affected PLC (CJ-series and CS-series PLCs, all versions)...
High
Unreviewed
CVE-2022-45794 was published Jan 11, 2024
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura...
High
Unreviewed
CVE-2023-40401 was published Oct 25, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an...
High
Unreviewed
CVE-2023-6595 was published Dec 14, 2023
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An...
High
Unreviewed
CVE-2023-32460 was published Dec 8, 2023
ProTip! Advisories are also available from the GraphQL API.