Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,681
NuGet
650
pip
3,298
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

285 advisories

Loading
The configuration backend allows an unauthenticated user to write arbitrary data with root... Critical Unreviewed
CVE-2022-45140 was published Feb 27, 2023
Missing Authentication for Critical Function in SICK FX0-GENT v3 Firmware Version V3.04 and V3.05... Critical Unreviewed
CVE-2023-23453 was published Feb 21, 2023
Missing Authentication for Critical Function in SICK FX0-GPNT v3 Firmware Version V3.04 and V3.05... Critical Unreviewed
CVE-2023-23452 was published Feb 21, 2023
A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1... Critical Unreviewed
CVE-2023-0906 was published Feb 18, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication for its... Critical Unreviewed
CVE-2023-0102 was published Feb 15, 2023
LS ELECTRIC XBC-DN32U with operating system version 01.80 is missing authentication to create... Critical Unreviewed
CVE-2023-22804 was published Feb 15, 2023
A CWE-306: Missing Authentication for Critical Function The software does not perform any... Critical Unreviewed
CVE-2022-42970 was published Feb 1, 2023
A CWE-306: Missing Authentication for Critical Function vulnerability exists that could cause... Critical Unreviewed
CVE-2022-32528 was published Jan 31, 2023
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version1.7.4... Critical Unreviewed
CVE-2022-42458 was published Dec 7, 2022
The default configuration of Lazy Mouse does not require a password, allowing remote... Critical Unreviewed
CVE-2022-45481 was published Dec 5, 2022
PC Keyboard allows remote unauthenticated users to send instructions to the server to execute... Critical Unreviewed
CVE-2022-45479 was published Dec 5, 2022
Telepad allows remote unauthenticated users to send instructions to the server to execute... Critical Unreviewed
CVE-2022-45477 was published Dec 5, 2022
A vulnerability classified as critical was found in SourceCodester Book Store Management System 1... Critical Unreviewed
CVE-2022-4229 was published Nov 30, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. User authentication for accessing the... Critical Unreviewed
CVE-2022-44001 was published Nov 18, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to exposed CORBA management... Critical Unreviewed
CVE-2022-43999 was published Nov 17, 2022
An issue was discovered in BACKCLICK Professional 5.9.63. Due to an exposed internal... Critical Unreviewed
CVE-2022-44000 was published Nov 17, 2022
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An... Critical Unreviewed
CVE-2022-42785 was published Nov 16, 2022
VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A... Critical Unreviewed
CVE-2022-31685 was published Nov 10, 2022
** UNSUPPPORTED WHEN ASSIGNED **Broken Access Control in User Authentication in Avaya Scopia... Critical Unreviewed
CVE-2022-38168 was published Nov 4, 2022
Password recovery vulnerability in SICK SICK SIM4000 (PPC) Partnumber 1078787 allows an... Critical Unreviewed
CVE-2022-27582 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM2000ST Partnumber 2086502 and 1080579 allows an... Critical Unreviewed
CVE-2022-27584 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version < 2.0.0... Critical Unreviewed
CVE-2022-27586 was published Nov 2, 2022
Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware... Critical Unreviewed
CVE-2022-27585 was published Nov 2, 2022
The database backup function in Delta Electronics InfraSuite Device Master Versions 00.00.01a and... Critical Unreviewed
CVE-2022-40202 was published Nov 1, 2022
A vulnerability has been found in SourceCodester Sanitization Management System 1.0 and... Critical Unreviewed
CVE-2022-3674 was published Oct 26, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database