GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,120 advisories
Filter by severity
An issue in TheGreenBow Windows Standard VPN Client 6.87.108 (and older), Windows Enterprise VPN...
High
Unreviewed
CVE-2024-45750
was published
Sep 25, 2024
Due to missing authentication check in SAP Host Agent - version 7.22, an unauthenticated attacker...
Moderate
Unreviewed
CVE-2023-36926
was published
Aug 8, 2023
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in...
High
Unreviewed
CVE-2023-27377
was published
Oct 25, 2023
An issue was discovered in vesoft NebulaGraph through 3.8.0. It allows bypassing authentication.
Critical
Unreviewed
CVE-2024-47218
was published
Sep 22, 2024
A condition exists in FlashArray Purity whereby an attacker can employ a privileged account...
Critical
Unreviewed
CVE-2024-0002
was published
Sep 23, 2024
Securepoint UTM before 12.6.5 mishandles OTP codes.
High
Unreviewed
CVE-2024-39340
was published
Jul 12, 2024
Improper authentication in some Zoom clients before version 5.16.5 may allow an authenticated...
Moderate
Unreviewed
CVE-2023-49646
was published
Dec 14, 2023
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310...
High
Unreviewed
CVE-2023-42771
was published
Oct 3, 2023
There is a difficult to exploit improper authentication issue in the Home application for Esri...
High
Unreviewed
CVE-2024-25699
was published
Apr 4, 2024
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation...
Moderate
Unreviewed
CVE-2023-43582
was published
Nov 15, 2023
An authentication issue was addressed with improved state management. This issue is fixed in iOS...
Moderate
Unreviewed
CVE-2024-44202
was published
Sep 17, 2024
This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and...
Moderate
Unreviewed
CVE-2024-44127
was published
Sep 17, 2024
**UNSUPPORTED WHEN ASSIGNED** An issue was discovered in BMC Remedy Mid Tier 7.6.04. An...
Critical
Unreviewed
CVE-2024-34399
was published
Sep 18, 2024
Improper authentication vulnerability in multiple digital video recorders provided by TAKENAKA...
High
Unreviewed
CVE-2024-41929
was published
Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an insufficient authentication...
Critical
Unreviewed
CVE-2024-8956
was published
Sep 17, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)...
High
Unreviewed
CVE-2023-21841
was published
Jan 18, 2023
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate
Unreviewed
CVE-2023-40660
was published
Nov 6, 2023
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's...
High
Unreviewed
CVE-2021-45036
was published
Nov 28, 2022
A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart...
Moderate
Unreviewed
CVE-2023-25493
was published
Apr 5, 2024
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Authentication...
High
Unreviewed
CVE-2024-45113
was published
Sep 13, 2024
CVE-2024-45823 IMPACT
An
authentication bypass vulnerability exists in the affected product....
Critical
Unreviewed
CVE-2024-45823
was published
Sep 12, 2024
Sensitive information disclosure and manipulation due to improper authentication. The following...
High
Unreviewed
CVE-2023-45246
was published
Oct 6, 2023
Sensitive information disclosure and manipulation due to improper authentication. The following...
Moderate
Unreviewed
CVE-2023-44152
was published
Sep 27, 2023
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-38225
was published
Sep 10, 2024
Loftware Spectrum before 4.6 HF14 has Missing Authentication for a Critical Function.
Critical
Unreviewed
CVE-2023-37226
was published
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API