GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,052 advisories
Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software...
Moderate · Unreviewed · CVE-2023-28377 was published Nov 14, 2023

Improper authentication for some Intel Unison software may allow an authenticated user to...
Moderate · Unreviewed · CVE-2023-22663 was published Nov 14, 2023

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate · Unreviewed · CVE-2023-40660 was published Nov 6, 2023

An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5...
Moderate · Unreviewed · CVE-2023-46963 was published Nov 5, 2023

RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers...
Moderate · Unreviewed · CVE-2023-26455 was published Nov 2, 2023

Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox...
Moderate · Unreviewed · CVE-2023-46327 was published Nov 2, 2023

In SEPolicy, there is a possible way to access the factory MAC address due to a permissions...
Moderate · Unreviewed · CVE-2023-21297 was published Oct 30, 2023

In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term...
Moderate · Unreviewed · CVE-2023-21307 was published Oct 30, 2023

A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an...
Moderate · Unreviewed · CVE-2022-3681 was published Oct 27, 2023

Standard users can directly operate and set printer configuration information, such as IP, in...
Moderate · Unreviewed · CVE-2022-34887 was published Oct 27, 2023

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and...
Moderate · Unreviewed · CVE-2023-27256 was published Oct 25, 2023

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3...
Moderate · Unreviewed · CVE-2023-27261 was published Oct 25, 2023

IBM Cognos Dashboards on Cloud Pak for Data 4.7.0 could allow a remote attacker to bypass...
Moderate · Unreviewed · CVE-2023-38735 was published Oct 22, 2023

The SALESmanago plugin for WordPress is vulnerable to Log Injection in versions up to, and...
Moderate · Unreviewed · CVE-2023-4939 was published Oct 21, 2023

An issue was discovered in /fcgi/scrut_fcgi.fcgi in Plixer Scrutinizer before 19.3.1. The...
Moderate · Unreviewed · CVE-2023-41261 was published Oct 13, 2023

IBM UrbanCode Deploy (UCD) 7.1 - 7.1.2.12, 7.2 through 7.2.3.5, and 7.3 through 7.3.2.0 under...
Moderate · Unreviewed · CVE-2023-40376 was published Oct 4, 2023

A vulnerability classified as critical has been found in SATO CL4NX-J Plus 1.13.2-u455_r2. This...
Moderate · Unreviewed · CVE-2023-5328 was published Oct 2, 2023

A vulnerability was found in SATO CL4NX-J Plus 1.13.2-u455_r2. It has been declared as critical....
Moderate · Unreviewed · CVE-2023-5326 was published Oct 2, 2023

A vulnerability classified as problematic was found in Field Logic DataCube4 up to 20231001. This...
Moderate · Unreviewed · CVE-2023-5329 was published Oct 2, 2023

Sensitive information disclosure and manipulation due to improper authentication. The following...
Moderate · Unreviewed · CVE-2023-44152 was published Sep 27, 2023

Zoho ManageEngine ADManager Plus before 7203 allows 2FA bypass (for AuthToken generation) in REST...
Moderate · Unreviewed · CVE-2023-41904 was published Sep 27, 2023

A vulnerability classified as critical has been found in Supcon InPlant SCADA up to 20230901....
Moderate · Unreviewed · CVE-2023-4985 was published Sep 15, 2023

PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and...
Moderate · Unreviewed · CVE-2023-4568 was published Sep 13, 2023

Improper authentication in Zoom clients may allow an authenticated user to conduct a denial of...
Moderate · Unreviewed · CVE-2023-39215 was published Sep 12, 2023

The JMX Console within the Rockwell Automation Pavilion8 is exposed to application users and...
Moderate · Unreviewed · CVE-2023-29463 was published Sep 12, 2023
ProTip! Advisories are also available from the GraphQL API.