Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

893 advisories

Loading
An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel... Critical Unreviewed
CVE-2024-32735 was published May 14, 2024
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access... High Unreviewed
CVE-2022-32503 was published May 14, 2024
The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a is vulnerable to an... High Unreviewed
CVE-2024-2860 was published May 8, 2024
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows... Moderate Unreviewed
CVE-2023-37325 was published May 8, 2024
NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information... Moderate Unreviewed
CVE-2021-34983 was published May 8, 2024
By design, the DHCP protocol does not authenticate messages, including for example the classless... High Unreviewed
CVE-2024-3661 was published May 6, 2024
Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure... High Unreviewed
CVE-2023-51587 was published May 3, 2024
D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution... High Unreviewed
CVE-2023-50199 was published May 3, 2024
D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability. This... Moderate Unreviewed
CVE-2023-44413 was published May 3, 2024
Control Web Panel Missing Authentication Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-42121 was published May 3, 2024
D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-41186 was published May 3, 2024
D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-41187 was published May 3, 2024
NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability. This vulnerability allows network... High Unreviewed
CVE-2023-41183 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure... Moderate Unreviewed
CVE-2023-39466 was published May 3, 2024
Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability. This vulnerability... Critical Unreviewed
CVE-2023-39457 was published May 3, 2024
Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function... High Unreviewed
CVE-2023-38123 was published May 3, 2024
NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2023-27357 was published May 3, 2024
A missing authentication for critical function vulnerability has been reported to affect... Critical Unreviewed
CVE-2024-32764 was published Apr 26, 2024
An unauthenticated attacker can reset the board and stop transmitter operations by sending a... Moderate Unreviewed
CVE-2024-21846 was published Apr 19, 2024
The devices allow access to an unprotected endpoint that allows MPFS file system binary image... High Unreviewed
CVE-2024-1491 was published Apr 19, 2024
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core)... High Unreviewed
CVE-2024-21007 was published Apr 17, 2024
An authentication bypass vulnerability was identified in SMM/SMM2 and FPC that could allow an... High Unreviewed
CVE-2023-4857 was published Apr 15, 2024
The system application (com.transsion.kolun.aiservice) component does not perform an... Critical Unreviewed
CVE-2024-3701 was published Apr 15, 2024
The password reset feature of Ai3 QbiBot lacks proper access control, allowing unauthenticated... Critical Unreviewed
CVE-2024-3777 was published Apr 15, 2024
aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values... Moderate Unreviewed
CVE-2024-3774 was published Apr 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database