Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,361
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,794
NuGet
685
pip
3,473
Pub
12
RubyGems
895
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,442 advisories

Loading
A vulnerability classified as critical has been found in ColumbiaSoft Document Locator. This... High Unreviewed
CVE-2023-5830 was published Oct 27, 2023
An issue was discovered in Cassia Access Controller 2.1.1.2303271039. The Web SSH terminal... High Unreviewed
CVE-2023-35794 was published Oct 27, 2023
Due to inadequate code logic, a previously unauthenticated threat actor could potentially obtain... High Unreviewed
CVE-2023-46290 was published Oct 27, 2023
SaToken authentication bypass vulnerability High
CVE-2023-43961 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27376 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27375 was published Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26576 was published Oct 25, 2023
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27257 was published Oct 25, 2023
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27259 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in... High Unreviewed
CVE-2023-27377 was published Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application... High Unreviewed
CVE-2023-27258 was published Oct 25, 2023
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26574 was published Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-26570 was published Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26571 was published Oct 25, 2023
Authentication Bypass by Capture-replay in SICK Flexi Soft Gateways with Partnumbers 1044073,... High Unreviewed
CVE-2023-5246 was published Oct 23, 2023
The affected product is vulnerable to an improper authentication vulnerability, which... High Unreviewed
CVE-2023-41089 was published Oct 19, 2023
BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local... High Unreviewed
CVE-2023-23632 was published Oct 12, 2023
Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... High Unreviewed
CVE-2023-44096 was published Oct 11, 2023
Sensitive information disclosure and manipulation due to improper authentication. The following... High Unreviewed
CVE-2023-45246 was published Oct 6, 2023
Garuda Linux performs an insecure user creation and authentication that allows any user to... High Unreviewed
CVE-2021-3784 was published Oct 4, 2023
asyncua Improper Authentication vulnerability High
CVE-2023-26150 was published for asyncua (pip) Oct 3, 2023
Cryptographic issue in Data Modem due to improper authentication during TLS handshake. High Unreviewed
CVE-2023-28540 was published Oct 3, 2023
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310... High Unreviewed
CVE-2023-42771 was published Oct 3, 2023
Soft Serve Public Key Authentication Bypass Vulnerability when Keyboard-Interactive SSH Authentication is Enabled High
CVE-2023-43809 was published for github.com/charmbracelet/soft-serve (Go) Oct 2, 2023
JJGadgets
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database