Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,340
Erlang
31
GitHub Actions
22
Go
2,101
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
885
Swift
37
Unreviewed advisories
All unreviewed
5,000+

367 advisories

Loading
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to... High Unreviewed
CVE-2023-43045 was published Oct 23, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26571 was published Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26574 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-26570 was published Oct 25, 2023
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the... High Unreviewed
CVE-2023-26580 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_EmergencyContactDetails method in... High Unreviewed
CVE-2023-27377 was published Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26576 was published Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application... High Unreviewed
CVE-2023-27258 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27376 was published Oct 25, 2023
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27259 was published Oct 25, 2023
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27257 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27375 was published Oct 25, 2023
The vulnerability allows an unprivileged user with access to the subnet of the TPC-110W device to... High Unreviewed
CVE-2023-41255 was published Oct 25, 2023
The Android Client application, when enrolled with the define method 1(the user manually inserts... High Unreviewed
CVE-2023-45220 was published Oct 25, 2023
The Android Client application, when enrolled to the AppHub server,connects to an MQTT broker... High Unreviewed
CVE-2023-45851 was published Oct 25, 2023
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura... High Unreviewed
CVE-2023-40401 was published Oct 25, 2023
TOTOLINK X6000R V9.4.0cu.852_B20230719 is vulnerable to Incorrect Access Control.Attackers can... High Unreviewed
CVE-2023-46978 was published Oct 31, 2023
Ivanti Avalanche Printer Device Service Missing Authentication Local Privilege Escalation... High Unreviewed
CVE-2022-43555 was published Nov 3, 2023
Ivanti Avalanche Smart Device Service Missing Authentication Local Privilege Escalation... High Unreviewed
CVE-2022-43554 was published Nov 3, 2023
LOYTEC LINX-212 firmware 6.2.4 and LVIS-3ME12-A1 firmware 6.2.2 and LIOB-586 firmware 6.2.3... High Unreviewed
CVE-2023-46381 was published Nov 5, 2023
Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An... High Unreviewed
CVE-2023-32460 was published Dec 8, 2023
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an... High Unreviewed
CVE-2023-6595 was published Dec 14, 2023
Unauthenticated access permitted to web interface page The Genie Company Aladdin Connect ... High Unreviewed
CVE-2023-5881 was published Jan 3, 2024
An authentication issue was addressed with improved state management. This issue is fixed in... High Unreviewed
CVE-2023-40393 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database