Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

278 advisories

Loading
TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS... Critical Unreviewed
CVE-2024-41988 was published Oct 3, 2024
An unauthenticated remote attacker may use a missing authentication for critical function... Critical Unreviewed
CVE-2024-35293 was published Oct 2, 2024
An unauthenticated remote attacker who is aware of a MQTT topic name can send and receive... Critical Unreviewed
CVE-2023-1083 was published Apr 9, 2024
Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control.... Critical Unreviewed
CVE-2024-46293 was published Sep 30, 2024
Certain switch models from PLANET Technology lack proper access control in firmware upload and... Critical Unreviewed
CVE-2024-8456 was published Sep 30, 2024
SAP PowerDesigner - version 16.7, has improper access control which might allow an... Critical Unreviewed
CVE-2023-37483 was published Aug 8, 2023
OPW Fuel Management Systems SiteSentinel could allow an attacker to bypass authentication to the... Critical Unreviewed
CVE-2024-8310 was published Sep 27, 2024
OMNTEC Proteus Tank Monitoring OEL8000III Series could allow an attacker to perform... Critical Unreviewed
CVE-2024-6981 was published Sep 27, 2024
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass... Critical Unreviewed
CVE-2024-8277 was published Sep 11, 2024
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business... Critical Unreviewed
CVE-2022-21587 was published Oct 19, 2022
Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component:... Critical Unreviewed
CVE-2021-35587 was published Jan 20, 2022
D-Link - CWE-288:Authentication Bypass Using an Alternate Path or Channel Critical Unreviewed
CVE-2024-38437 was published Jul 21, 2024
Swissphone DiCal-RED 4009 devices allow a remote attacker to gain a root shell via TELNET without... Critical Unreviewed
CVE-2024-36445 was published Aug 22, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed
CVE-2024-3701 was published Apr 15, 2024
An authentication bypass vulnerability exists in the FOXMAN-UN/UNEM server / API Gateway... Critical Unreviewed
CVE-2024-2013 was published Jun 11, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an... Critical Unreviewed
CVE-2024-5910 was published Jul 10, 2024
An unauthenticated remote attacker can manipulate the device via Telnet, stop processes, read,... Critical Unreviewed
CVE-2024-6422 was published Jul 10, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There... Critical Unreviewed
CVE-2022-32251 was published Jun 15, 2022
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel... Critical Unreviewed
CVE-2024-32735 was published May 14, 2024
A vulnerability allows unauthorized access to functionality inadequately constrained by ACLs.... Critical Unreviewed
CVE-2023-41918 was published Jul 2, 2024
Veeam Backup & Replication 10.x and 11.x has Incorrect Access Control (issue 1 of 2). Critical Unreviewed
CVE-2022-26501 was published Mar 18, 2022
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-39457 was published May 3, 2024
Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-42121 was published May 3, 2024
A missing authentication for critical function vulnerability has been reported to affect... Critical Unreviewed
CVE-2024-32764 was published Apr 26, 2024
Moxa MiiNePort E1 has a vulnerability of insufficient access control. An unauthenticated remote... Critical Unreviewed
CVE-2023-28697 was published Apr 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database