Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

267 advisories

Loading
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel Critical Unreviewed
CVE-2024-38437 was published Jul 21, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without... Critical Unreviewed
CVE-2024-36445 was published Aug 22, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed
CVE-2024-3701 was published Apr 15, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway... Critical Unreviewed
CVE-2024-2013 was published Jun 11, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed
CVE-2024-5910 was published Jul 10, 2024
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read,... Critical Unreviewed
CVE-2024-6422 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There... Critical Unreviewed
CVE-2022-32251 was published Jun 15, 2022
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel... Critical Unreviewed
CVE-2024-32735 was published May 14, 2024
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs.... Critical Unreviewed
CVE-2023-41918 was published Jul 2, 2024
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed
CVE-2022-26501 was published Mar 18, 2022
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-39457 was published May 3, 2024
Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-42121 was published May 3, 2024
A missing authentication for critical function vulnerability has been reported to affect... Critical Unreviewed
CVE-2024-32764 was published Apr 26, 2024
Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote... Critical Unreviewed
CVE-2023-28697 was published Apr 27, 2023
eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON API has Improper Access... Critical Unreviewed
CVE-2019-9585 was published May 24, 2022
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication... Critical Unreviewed
CVE-2020-6207 was published May 24, 2022
A first-factor authentication bypass vulnerability exists in the PingFederate with PingID Radius... Critical Unreviewed
CVE-2023-39930 was published Oct 25, 2023
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier... Critical Unreviewed
CVE-2023-26573 was published Oct 25, 2023
Vulnerability of access permissions not being strictly verified in the APPWidget module... Critical Unreviewed
CVE-2023-44116 was published Oct 11, 2023
Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete... Critical Unreviewed
CVE-2023-43271 was published Oct 9, 2023
Saho’s attendance devices ADM100 and ADM-100FP have insufficient authentication. An... Critical Unreviewed
CVE-2023-38028 was published Aug 28, 2023
Missing Authentication for a Critical Function within the Kratos NGC Indoor Unit (IDU) before 11... Critical Unreviewed
CVE-2023-36669 was published Jul 18, 2023
AMI BMC contains a vulnerability in the IPMI handler, where an unauthenticated host is allowed to... Critical Unreviewed
CVE-2023-34335 was published Jul 6, 2023
In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an... Critical Unreviewed
CVE-2023-30744 was published Jul 6, 2023
Delta Electronics InfraSuite Device Master versions 00.00.01a and prior allow unauthenticated... Critical Unreviewed
CVE-2022-41629 was published Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API