Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,360 advisories

Loading
Bentley eB System Management Console applications within Assetwise Integrity Information Server... High Unreviewed
CVE-2023-51708 was published Dec 22, 2023
An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed... High Unreviewed
CVE-2023-6847 was published Dec 21, 2023
Apache Pulsar WebSocket Proxy contains an Improper Authentication vulnerability High
CVE-2023-37544 was published for org.apache.pulsar:pulsar-websocket (Maven) Dec 20, 2023
Authentication bypass vulnerability in navidrome's subsonic endpoint High
CVE-2023-51442 was published for github.com/navidrome/navidrome (Go) Dec 19, 2023
crazygolem
** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet... High Unreviewed
CVE-2023-44252 was published Dec 13, 2023
Improper Authentication vulnerability in Nadatel DVR allows Information Elicitation.This issue... High Unreviewed
CVE-2023-45801 was published Dec 13, 2023
Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2... High Unreviewed
CVE-2023-36648 was published Dec 12, 2023
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate... High Unreviewed
CVE-2023-45866 was published Dec 8, 2023
The Bluetooth module of some Huawei Smart Screen products has an identity authentication bypass... High Unreviewed
CVE-2023-6514 was published Dec 6, 2023
Improper authentication in the SMA100 SSL-VPN virtual office portal allows a remote authenticated... High Unreviewed
CVE-2023-5970 was published Dec 5, 2023
An issue was discovered in Vonage Box Telephone Adapter VDV23 version VDV21-3.2.11-0.5.1, allows... High Unreviewed
CVE-2023-47304 was published Dec 5, 2023
Transient DOS in Automotive OS due to improper authentication to the secure IO calls. High Unreviewed
CVE-2023-33070 was published Dec 5, 2023
Information disclosure in SMU in Hitachi Vantara HNAS 14.8.7825.01 on Windows allows... High Unreviewed
CVE-2023-5808 was published Dec 5, 2023
Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote... High Unreviewed
CVE-2023-44302 was published Dec 4, 2023
An improper authentication vulnerability in the authentication module of the Zyxel NAS326... High Unreviewed
CVE-2023-35137 was published Nov 30, 2023
Apache ActiveMQ Deserialization of Untrusted Data vulnerability High
CVE-2022-41678 was published for org.apache.activemq:apache-activemq (Maven) Nov 28, 2023
sunSUNQ
An authentication bypass exists in Arcserve UDP prior to version 9.2. An unauthenticated, remote... High Unreviewed
CVE-2023-41999 was published Nov 27, 2023
Cron log backup files contain administrator session IDs. It is trivial for any attacker who can... High Unreviewed
CVE-2023-4677 was published Nov 23, 2023
Memory Corruption in Core due to secure memory access by user while loading modem image. High Unreviewed
CVE-2023-24852 was published Nov 14, 2023
An issue discovered in Pfsense CE version 2.6.0 allows attackers to change the password of any... High Unreviewed
CVE-2023-29975 was published Nov 10, 2023
A locally authenticated attacker with low privileges can bypass authentication due to insecure... High Unreviewed
CVE-2022-44569 was published Nov 3, 2023
Unauthorized Access to Private Fields in User Registration API High
CVE-2023-39345 was published for @strapi/plugin-users-permissions (npm) Nov 3, 2023
dogusdeniz innerdvations
derrickmehaffy christiancp100
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism... High Unreviewed
CVE-2023-5627 was published Nov 1, 2023
A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This... High Unreviewed
CVE-2023-5830 was published Oct 27, 2023
An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal... High Unreviewed
CVE-2023-35794 was published Oct 27, 2023
ProTip! Advisories are also available from the GraphQL API