Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,074
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+

262 advisories

Loading
A vulnerability in the social login configuration option for the guest users of Cisco Business... Moderate Unreviewed
CVE-2023-20003 was published May 18, 2023
cross-site inclusion (XSSI) of files in jupyter-server Moderate
CVE-2023-40170 was published for jupyter-server (pip) Aug 29, 2023
An authentication issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2023-42845 was published Oct 25, 2023
A vulnerability has been identified in SIMATIC PCS neo (All versions < V4.1). The PUD Manager of... Moderate Unreviewed
CVE-2023-46096 was published Nov 14, 2023
Lack of authentication vulnerability. An unauthenticated local user is able to see through the... Moderate Unreviewed
CVE-2023-3104 was published Nov 22, 2023
Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin.... Moderate Unreviewed
CVE-2023-46819 was published Nov 10, 2023
There is no BIOS password on the FACSChorus workstation. A threat actor with physical access to... Moderate Unreviewed
CVE-2023-29061 was published Nov 28, 2023
The FACSChorus workstation operating system does not restrict what devices can interact with its... Moderate Unreviewed
CVE-2023-29060 was published Nov 28, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an... Moderate Unreviewed
CVE-2023-6368 was published Dec 14, 2023
Improper Input Validation and Missing Authentication for Critical Function in Apache ActiveMQ Moderate
CVE-2015-7559 was published for org.apache.activemq:activemq-client (Maven) Aug 1, 2019
sunSUNQ
Lack of authentication mechanism in Jenkins Git Plugin webhook Moderate
CVE-2022-36884 was published for org.jenkins-ci.plugins:git (Maven) Jul 28, 2022
NotMyFault
NVIDIA DGX A100 BMC contains a vulnerability where a user may cause a missing authentication... Moderate Unreviewed
CVE-2023-31033 was published Jan 12, 2024
The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress allows unauthenticated... Moderate Unreviewed
CVE-2019-9881 was published May 24, 2022
An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions... Moderate Unreviewed
CVE-2023-51062 was published Jan 13, 2024
Etcd Gateway TLS authentication only applies to endpoints detected in DNS SRV records Moderate
CVE-2020-15136 was published for go.etcd.io/etcd (Go) Jan 31, 2024
Dell PowerScale OneFS versions 9.0.0.x through 9.6.0.x contains a missing authentication for... Moderate Unreviewed
CVE-2024-22449 was published Feb 1, 2024
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX... Moderate Unreviewed
CVE-2023-36851 was published Sep 27, 2023
In Montala ResourceSpace through 9.8 before r19636, csv_export_results_metadata.php allows... Moderate Unreviewed
CVE-2022-31260 was published Jul 18, 2022
The ListView control in the Client GUI (AClient.exe) in Symantec Altiris Deployment Solution 6.x... Moderate Unreviewed
CVE-2008-6827 was published May 17, 2022
A vulnerability was found in CodeAstro House Rental Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2024-2076 was published Mar 1, 2024
Improper Authentication in Apache ActiveMQ Moderate
CVE-2020-13920 was published for org.apache.activemq:activemq-parent (Maven) Feb 9, 2022
sunSUNQ
** DISPUTED ** BIRD through 2.0.7 does not provide functionality for password authentication of... Moderate Unreviewed
CVE-2021-26928 was published May 24, 2022
** DISPUTED ** A Missing Authentication for Critical Function issue affecting the HTTP service... Moderate Unreviewed
CVE-2023-6949 was published Apr 2, 2024
In NetworkManager 0.9.2.0, when a new wireless network was created with WPA/WPA2 security in... Moderate Unreviewed
CVE-2012-2736 was published Apr 23, 2022
An incorrect access control exists in the Sony Photo Sharing Plus application in the firmware... Moderate Unreviewed
CVE-2019-10886 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database