Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

495 advisories

Loading
It was found that default configuration of Heketi does not require any authentication potentially... Critical Unreviewed
CVE-2019-3899 was published May 24, 2022
A CWE-306: Missing Authentication for Critical Function The software does not perform any... Critical Unreviewed
CVE-2022-42970 was published Feb 1, 2023
The configuration backend allows an unauthenticated user to write arbitrary data with root... Critical Unreviewed
CVE-2022-45140 was published Feb 27, 2023
The configuration backend of the web-based management can be used by unauthenticated users,... Critical Unreviewed
CVE-2022-45138 was published Feb 27, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create... Critical Unreviewed
CVE-2023-22804 was published Feb 15, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its... Critical Unreviewed
CVE-2023-0102 was published Feb 15, 2023
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1... Critical Unreviewed
CVE-2023-0906 was published Feb 18, 2023
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05... Critical Unreviewed
CVE-2023-23452 was published Feb 21, 2023
Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05... Critical Unreviewed
CVE-2023-23453 was published Feb 21, 2023
A vulnerability in the Virtual Network Computing (VNC) console implementation of Cisco Enterprise... Critical Unreviewed
CVE-2019-1895 was published May 24, 2022
An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows... Critical Unreviewed
CVE-2022-45551 was published Mar 3, 2023
The Akuvox E11 web server can be accessed without any user authentication, and this could allow... Critical Unreviewed
CVE-2023-0354 was published Mar 13, 2023
Apache OpenMeetings missing authentication and can allow user impersonation Critical
CVE-2023-28326 was published for org.apache.openmeetings:openmeetings-parent (Maven) Mar 28, 2023
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability that... Critical Unreviewed
CVE-2023-1140 was published Mar 27, 2023
This vulnerability allows remote attackers to bypass authentication on affected installations of... Critical Unreviewed
CVE-2022-36983 was published Mar 29, 2023
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241... Critical Unreviewed
CVE-2023-27290 was published Mar 4, 2023
An issue was discovered on D-Link DIR-878 1.12B01 devices. Because strncpy is misused, there is a... Critical Unreviewed
CVE-2019-9125 was published May 13, 2022
Missing authentication in ShenYu Critical
CVE-2022-23944 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
tdunlap607
Credited to tdunlap607
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2022-32528 was published Jan 31, 2023
A vulnerability has been identified in Desigo Automation Controllers Products and Desigo Operator... Critical Unreviewed
CVE-2018-4834 was published May 13, 2022
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker... Critical Unreviewed
CVE-2022-20857 was published Jul 22, 2022
Apache SOAP contains unauthenticated RPCRouterServlet Critical
CVE-2022-45378 was published for soap:soap (Maven) Nov 14, 2022
A vulnerability was found in SourceCodester Company Website CMS 1.0. It has been declared as... Critical Unreviewed
CVE-2022-2765 was published Aug 12, 2022
There is no account authentication and permission check logic in the firmware and existing apps... Critical Unreviewed
CVE-2021-26637 was published Jun 24, 2022
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1... Critical Unreviewed
CVE-2022-4229 was published Nov 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database