GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
243 advisories
Vulnerability of incomplete read and write permission verification in the GPU module. Successful...
Critical | Unreviewed | CVE-2021-46890 was published Jul 5, 2023

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at...
Critical | Unreviewed | CVE-2023-26258 was published Jul 3, 2023

UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on...
Critical | Unreviewed | CVE-2023-31997 was published Jul 1, 2023

Milesight NCR/camera version 71.8.0.6-r5 allows authentication bypass through an unspecified method.
Critical | Unreviewed | CVE-2023-32220 was published Jun 12, 2023

An issue was discovered in freakchicken kafkaUI-lite 1.2.11 allows attackers on the same network...
Critical | Unreviewed | CVE-2023-27716 was published Jun 12, 2023

Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An...
Critical | Unreviewed | CVE-2023-28698 was published Jun 2, 2023

In JetBrains TeamCity before 2023.05 bypass of permission checks allowing to perform admin...
Critical | Unreviewed | CVE-2023-34218 was published May 31, 2023

The GarminOS TVM component in CIQ API version 2.1.0 through 4.1.7 allows applications with a...
Critical | Unreviewed | CVE-2023-23304 was published May 23, 2023

Improper authentication vulnerability in T&D Corporation and ESPEC MIC CORP. data logger products...
Critical | Unreviewed | CVE-2023-27388 was published May 23, 2023

This vulnerability exists in Milesight 4K/H.265 Series NVR models (MS-Nxxxx-xxG, MS-Nxxxx-xxE, MS...
Critical | Unreviewed | CVE-2023-30467 was published Apr 28, 2023

Incorrect Authorization vulnerability in Apache Software Foundation Apache IoTDB. This issue...
Critical | Unreviewed | CVE-2023-30771 was published Apr 17, 2023

An authentication bypass vulnerability in the web client interface for the CL4NX printer before...
Critical | Unreviewed | CVE-2023-23594 was published Mar 31, 2023

An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack...
Critical | Unreviewed | CVE-2023-26829 was published Mar 31, 2023

Incorrect authorization in OMICRON StationGuard 1.10 through 2.20 and StationScout 1.30 through 2...
Critical | Unreviewed | CVE-2023-28611 was published Mar 23, 2023

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment...
Critical | Unreviewed | CVE-2022-48284 was published Feb 27, 2023

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment...
Critical | Unreviewed | CVE-2022-48283 was published Feb 27, 2023

TOTOLINK A720R V4.1.5cu.532_ B20210610 is vulnerable to Incorrect Access Control.
Critical | Unreviewed | CVE-2023-23064 was published Feb 18, 2023

An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4...
Critical | Unreviewed | CVE-2022-38375 was published Feb 16, 2023

In Boa, there is a possible escalation of privilege due to a missing permission check. This could...
Critical | Unreviewed | CVE-2021-31577 was published Feb 7, 2023

A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to...
Critical | Unreviewed | CVE-2022-47003 was published Feb 1, 2023

Last Yard 22.09.8-1 does not enforce HSTS headers
Critical | Unreviewed | CVE-2022-47714 was published Feb 1, 2023

A vulnerability in the Remember Me function of Masa CMS v7.2, 7.3, and 7.4-beta allows attackers...
Critical | Unreviewed | CVE-2022-47002 was published Feb 1, 2023

An issue was discovered in LIVEBOX Collaboration vDesk before v018. Broken Access Control can...
Critical | Unreviewed | CVE-2022-45172 was published Jan 31, 2023

An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass...
Critical | Unreviewed | CVE-2022-48066 was published Jan 27, 2023

An incorrect authorization vulnerability was identified in GitHub Enterprise Server, allowing for...
Critical | Unreviewed | CVE-2022-23739 was published Jan 17, 2023

ProTip! Advisories are also available from the GraphQL API.