GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server...
High, Unreviewed. CVE-2023-27980 was published Mar 21, 2023

Missing authentication in ShenYu
High. CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022

Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the...
High, Unreviewed. CVE-2023-27532 was published Mar 11, 2023

LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform...
High, Unreviewed. CVE-2023-22803 was published Feb 15, 2023

On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access.
High, Unreviewed. CVE-2019-6451 was published May 24, 2022

The bundle management module lacks authentication and control mechanisms in some APIs. Successful...
High, Unreviewed. CVE-2022-48288 was published Feb 9, 2023

The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this...
High, Unreviewed. CVE-2022-48299 was published Feb 9, 2023

The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this...
High, Unreviewed. CVE-2022-48300 was published Feb 9, 2023

The bundle management module lacks authentication and control mechanisms in some APIs. Successful...
High, Unreviewed. CVE-2022-48289 was published Feb 9, 2023

Apollo has potential access control security issue in eureka
High. CVE-2023-25570 was published for com.ctrip.framework.apollo:apollo (Maven) Feb 22, 2023

A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where...
High, Unreviewed. CVE-2019-15018 was published May 24, 2022

Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07...
High, Unreviewed. CVE-2022-43761 was published Feb 8, 2023

Broken Access Control in 3rd party TYPO3 extension "femanager"
High. CVE-2023-25013 was published for in2code/femanager (Composer) Feb 2, 2023

A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for...
High, Unreviewed. CVE-2020-25697 was published May 24, 2022

Broken Access Control in 3rd party TYPO3 extension "femanager"
High. CVE-2023-25014 was published for in2code/femanager (Composer) Feb 2, 2023

The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certain...
High, Unreviewed. CVE-2021-23843 was published Jan 20, 2022

IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a...
High, Unreviewed. CVE-2017-1483 was published May 17, 2022

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no...
High, Unreviewed. CVE-2017-8155 was published May 17, 2022

The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no...
High, Unreviewed. CVE-2017-8156 was published May 17, 2022

SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for...
High, Unreviewed. CVE-2018-2360 was published May 14, 2022

Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and...
High, Unreviewed. CVE-2017-10854 was published May 14, 2022

Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm"...
High, Unreviewed. CVE-2014-7271 was published May 14, 2022

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication...
High, Unreviewed. CVE-2018-0521 was published May 14, 2022

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute...
High, Unreviewed. CVE-2018-0554 was published May 14, 2022

An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an...
High, Unreviewed. CVE-2018-11476 was published May 14, 2022