Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

299 advisories

Loading
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server... High Unreviewed
CVE-2023-27980 was published Mar 21, 2023
Missing authentication in ShenYu High
CVE-2022-23945 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the... High Unreviewed
CVE-2023-27532 was published Mar 11, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to perform... High Unreviewed
CVE-2023-22803 was published Feb 15, 2023
On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthenticated POST access. High Unreviewed
CVE-2019-6451 was published May 24, 2022
The bundle management module lacks authentication and control mechanisms in some APIs. Successful... High Unreviewed
CVE-2022-48288 was published Feb 9, 2023
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this... High Unreviewed
CVE-2022-48299 was published Feb 9, 2023
The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this... High Unreviewed
CVE-2022-48300 was published Feb 9, 2023
The bundle management module lacks authentication and control mechanisms in some APIs. Successful... High Unreviewed
CVE-2022-48289 was published Feb 9, 2023
Apollo has potential access control security issue in eureka High
CVE-2023-25570 was published for com.ctrip.framework.apollo:apollo (Maven) Feb 22, 2023
A security vulnerability exists in the Zingbox Inspector versions 1.280 and earlier, where... High Unreviewed
CVE-2019-15018 was published May 24, 2022
Missing authentication when creating and managing the B&R APROL database in versions < R 4.2-07... High Unreviewed
CVE-2022-43761 was published Feb 8, 2023
Broken Access Control in 3rd party TYPO3 extension "femanager" High
CVE-2023-25013 was published for in2code/femanager (Composer) Feb 2, 2023
ohader
A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for... High Unreviewed
CVE-2020-25697 was published May 24, 2022
Broken Access Control in 3rd party TYPO3 extension "femanager" High
CVE-2023-25014 was published for in2code/femanager (Composer) Feb 2, 2023
ohader
The Bosch software tools AccessIPConfig.exe and AmcIpConfig.exe are used to configure certains... High Unreviewed
CVE-2021-23843 was published Jan 20, 2022
IBM Security Identity Manager Adapters 6.0 and 7.0 does not perform an authentication check for a... High Unreviewed
CVE-2017-1483 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8155 was published May 17, 2022
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no... High Unreviewed
CVE-2017-8156 was published May 17, 2022
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for... High Unreviewed
CVE-2018-2360 was published May 14, 2022
Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and... High Unreviewed
CVE-2017-10854 was published May 14, 2022
Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm"... High Unreviewed
CVE-2014-7271 was published May 14, 2022
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication... High Unreviewed
CVE-2018-0521 was published May 14, 2022
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute... High Unreviewed
CVE-2018-0554 was published May 14, 2022
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an... High Unreviewed
CVE-2018-11476 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API