GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,248
Erlang: 31
GitHub Actions: 21
Go: 2,016
Maven: 5,000+
npm: 3,721
NuGet: 662
pip: 3,400
Pub: 11
RubyGems: 890
Rust: 852
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
879 advisories
Sensitive information disclosure due to improper authentication. The following products are...
Critical | Unreviewed | CVE-2022-30995 was published May 3, 2023

OpenText BizManager before 16.6.0.1 does not perform proper validation during the change-password...
Critical | Unreviewed | CVE-2022-35898 was published May 1, 2023

Concrete CMS (previously concrete5) is vulnerable to possible auth bypass in the jobs section
Critical | CVE-2023-28473 was published for concrete5/concrete5 (Composer) Apr 28, 2023

This vulnerability exists in GajShield Data Security Firewall firmware versions prior to v4.28 ...
Critical | Unreviewed | CVE-2023-1778 was published Apr 27, 2023

Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and...
Critical | Unreviewed | CVE-2023-25131 was published Apr 24, 2023

An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10...
Critical | Unreviewed | CVE-2021-40506 was published Apr 18, 2023

An issue was discovered in the ALU unit of the OR1200 (aka OpenRISC 1200) processor 2011-09-10...
Critical | Unreviewed | CVE-2021-40507 was published Apr 18, 2023

An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of...
Critical | Unreviewed | CVE-2023-28962 was published Apr 18, 2023

Apache IoTDB Grafana Connector vulnerable to Improper Authentication
Critical | CVE-2023-24831 was published for apache-iotdb (Maven) Apr 17, 2023

The ZM Ajax Login & Register plugin for WordPress is vulnerable to authentication bypass in...
Critical | Unreviewed | CVE-2023-2027 was published Apr 15, 2023

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor...
Critical | Unreviewed | CVE-2022-45173 was published Apr 14, 2023

An issue was discovered in LIVEBOX Collaboration vDesk through v018. A Bypass of Two-Factor...
Critical | Unreviewed | CVE-2022-45174 was published Apr 14, 2023

Authentication Bypass by Primary Weakness vulnerability in DTS Electronics Redline Router...
Critical | Unreviewed | CVE-2023-1833 was published Apr 14, 2023

Authentication Bypass by Alternate Name vulnerability in DTS Electronics Redline Router firmware...
Critical | Unreviewed | CVE-2023-1803 was published Apr 14, 2023

An issue in WooCommerce Payments plugin for WordPress (versions 5.6.1 and lower) allows an...
Critical | Unreviewed | CVE-2023-28121 was published Apr 12, 2023

Etcd-io Improper Authentication vulnerability
Critical | CVE-2021-28235 was published for go.etcd.io/etcd/v3 (Go) Apr 4, 2023

jeecg-boot vulnerable to improper authentication
Critical | CVE-2023-1784 was published for org.jeecgframework.boot:jeecg-boot-parent (Maven) Mar 31, 2023

An issue was discovered in LemonLDAP::NG before 2.16.1. Weak session ID generation in the...
Critical | Unreviewed | CVE-2023-28862 was published Mar 31, 2023

An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature...
Critical | Unreviewed | CVE-2023-27536 was published Mar 30, 2023

Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5...
Critical | Unreviewed | CVE-2023-28503 was published Mar 29, 2023

Osprey Pump Controller version 1.01 could allow an unauthenticated user to create an account and...
Critical | Unreviewed | CVE-2023-28398 was published Mar 28, 2023

Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or...
Critical | Unreviewed | CVE-2022-4126 was published Mar 27, 2023

Ansible Semaphore mishandles authentication
Critical | CVE-2023-28609 was published for github.com/ansible-semaphore/semaphore (Go) Mar 18, 2023

A vulnerability, which was classified as critical, was found in SourceCodester Medicine Tracker...
Critical | Unreviewed | CVE-2023-1464 was published Mar 17, 2023

A vulnerability was found in SourceCodester Online Pizza Ordering System 1.0. It has been...
Critical | Unreviewed | CVE-2023-1460 was published Mar 17, 2023
ProTip! Advisories are also available from the GraphQL API