GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,052 advisories
The online authentication provided by the hwKitAssistant lacks strict identity verification of...
Moderate
Unreviewed
CVE-2023-0117 was published May 26, 2023
An improper authorization vulnerability exists in Rocket.Chat <6.0 that could allow a hacker to...
Moderate
Unreviewed
CVE-2023-28325 was published May 12, 2023
Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser...
Moderate
Unreviewed
CVE-2023-0858 was published May 11, 2023
Authentication bypass vulnerability in NEXT ENGINE Integration Plugin (for EC-CUBE 2.0 series)...
Moderate
Unreviewed
CVE-2023-27919 was published May 10, 2023
An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below...
Moderate
Unreviewed
CVE-2023-28125 was published May 10, 2023
The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3,...
Moderate
Unreviewed
CVE-2023-28182 was published May 8, 2023
The PingID RADIUS PCV adapter for PingFederate, which supports RADIUS authentication with PingID...
Moderate
Unreviewed
CVE-2022-40723 was published Apr 25, 2023
An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper...
Moderate
Unreviewed
CVE-2023-28963 was published Apr 18, 2023
The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing...
Moderate
Unreviewed
CVE-2022-48314 was published Apr 16, 2023
A vulnerability in the web conferencing component of Mitel MiCollab through 9.6.2.9 could allow...
Moderate
Unreviewed
CVE-2023-25597 was published Apr 14, 2023
Two factor authentication bypass on login in Devolutions Remote Desktop Manager 2022.3.35 and...
Moderate
Unreviewed
CVE-2023-1980 was published Apr 11, 2023
An authentication bypass vulnerability exists in libcurl v8.0.0 where it reuses a previously...
Moderate
Unreviewed
CVE-2023-27538 was published Mar 30, 2023
Improper authentication in SecSettings prior to SMR Mar-2023 Release 1 allows attacker to reset...
Moderate
Unreviewed
CVE-2023-21460 was published Mar 16, 2023
IBM Robotic Process Automation 21.0.0 - 21.0.7 and 23.0.0 is vulnerable to client-side validation...
Moderate
Unreviewed
CVE-2022-46773 was published Mar 15, 2023
IBM Manage Application 8.8.0 and 8.9.0 in the IBM Maximo Application Suite is vulnerable to...
Moderate
Unreviewed
CVE-2022-46774 was published Mar 15, 2023
Medtronic identified that the Pelvic Health clinician apps, which are installed on the Smart...
Moderate
Unreviewed
CVE-2023-25931 was published Mar 1, 2023
This vulnerability in the Snyk Kubernetes Monitor can result in irrelevant data being posted to a...
Moderate
Unreviewed
CVE-2023-1065 was published Feb 28, 2023
There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation...
Moderate
Unreviewed
CVE-2022-48254 was published Feb 27, 2023
A vulnerability in the CLI console login authentication of Cisco Nexus 9300-FX3 Series Fabric...
Moderate
Unreviewed
CVE-2023-20012 was published Feb 23, 2023
Improper access control vulnerability in Phone application prior to SMR Feb-2023 Release 1 allows...
Moderate
Unreviewed
CVE-2023-21437 was published Feb 9, 2023
Improper access control vulnerability in telecom application prior to SMR JAN-2023 Release 1...
Moderate
Unreviewed
CVE-2023-21425 was published Feb 9, 2023
In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure...
Moderate
Unreviewed
CVE-2023-20924 was published Jan 26, 2023
Use of password hash instead of password for authentication vulnerability in CONPROSYS HMI System...
Moderate
Unreviewed
CVE-2023-22334 was published Jan 20, 2023
Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator...
Moderate
Unreviewed
CVE-2022-43528 was published Jan 5, 2023
Incorrect implementation in authentication protocol in M-Files Client before 22.5.11356.0 allows...
Moderate
Unreviewed
CVE-2022-4861 was published Dec 30, 2022
ProTip! Advisories are also available from the GraphQL API.