GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
299 advisories
In WESEEK GROWI before 3.5.0, a remote attacker can obtain the password hash of the creator of a...
CVE-2019-13338 (High, Unreviewed) was published May 24, 2022

A vulnerability has been identified in TIA Administrator (All versions < V1.0 SP1 Upd1). The...
CVE-2019-10915 (High, Unreviewed) was published May 24, 2022

Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making...
CVE-2019-14511 (High, Unreviewed) was published May 24, 2022

A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker...
CVE-2019-11061 (High, Unreviewed) was published May 24, 2022

A broken access control vulnerability found in Advan VD-1 firmware versions up to 230. An...
CVE-2019-13406 (High, Unreviewed) was published May 24, 2022

In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This...
CVE-2019-15043 (High, Unreviewed) was published May 24, 2022

An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ethernet R07 and before WLAN R05...
CVE-2019-17219 (High, Unreviewed) was published May 24, 2022

RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated...
CVE-2019-3978 (High, Unreviewed) was published May 24, 2022

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists...
CVE-2019-18230 (High, Unreviewed) was published May 24, 2022

An issue was discovered in the Infosysta "In-App & Desktop Notifications" app 1.6.13_J8 for Jira....
CVE-2019-16906 (High, Unreviewed) was published May 24, 2022

The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Petalk AI 3.2.2.30 allows...
CVE-2019-16731 (High, Unreviewed) was published May 24, 2022

The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated...
CVE-2019-16893 (High, Unreviewed) was published May 24, 2022

BlackVue DR750-2CH LTE v.1.012_2022.10.26 does not employ authentication in its web server. This...
CVE-2023-27747 (High, Unreviewed) was published Apr 13, 2023

A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause...
CVE-2023-29413 (High, Unreviewed) was published Apr 18, 2023

Missing authentication for critical function exists in Seiko Solutions SkyBridge series, which...
CVE-2023-22441 (High, Unreviewed) was published May 10, 2023

Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware Ver. 4.2.0...
CVE-2023-23906 (High, Unreviewed) was published May 10, 2023

Missing Authentication for Critical Function in SICK Flexi Classic and Flexi Soft Gateways with...
CVE-2023-23444 (High, Unreviewed) was published May 12, 2023

Missing Authentication for critical function vulnerability in HYPR Server allows Authentication...
CVE-2023-1837 (High, Unreviewed) was published May 23, 2023

IC Realtime ICIP-P2012T 2.420 is vulnerable to Incorrect Access Control via an exposed HTTP...
CVE-2023-31594 (High, Unreviewed) was published May 25, 2023

The reminder module lacks an authentication mechanism for broadcasts received. Successful...
CVE-2023-0116 (High, Unreviewed) was published May 26, 2023

Missing authentication for critical function in Wi-Fi AP UNIT allows a remote unauthenticated...
CVE-2023-31196 (High, Unreviewed) was published Jun 13, 2023

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows...
CVE-2023-36347 (High, Unreviewed) was published Jun 30, 2023

Hero Qubo HCD01_02_V1.38_20220125 devices allow TELNET access with root privileges by default,...
CVE-2023-22906 (High, Unreviewed) was published Jul 4, 2023

Missing authentication vulnerability in Galaxy Themes Service prior to SMR Jul-2023 Release 1...
CVE-2023-30643 (High, Unreviewed) was published Jul 6, 2023

Authentication is currently unsupported in Haas Controller version 100.20.000.1110 when using the...
CVE-2022-2474 (High, Unreviewed) was published Jul 6, 2023