Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,967
Erlang
29
GitHub Actions
16
Go
1,748
Maven
4,978
npm
3,509
NuGet
609
pip
3,073
Pub
10
RubyGems
832
Rust
781
Swift
34
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
Improper authentication in zenml Low
CVE-2024-2213 was published for zenml (pip) Jun 6, 2024
A vulnerability was found in Emlog Pro 2.3.4. It has been classified as problematic. This affects... Low Unreviewed
CVE-2024-5044 was published May 17, 2024
Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This... Low Unreviewed
CVE-2024-3487 was published May 15, 2024
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
The Operating System hosting the FACSChorus application is configured to allow transmission of... Low Unreviewed
CVE-2023-29062 was published Nov 28, 2023
Jetty's OpenId Revoked authentication allows one request Low
CVE-2023-41900 was published for org.eclipse.jetty:jetty-openid (Maven) Sep 15, 2023
andrewmcguinness
Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows... Low Unreviewed
CVE-2023-30724 was published Sep 6, 2023
Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to... Low Unreviewed
CVE-2023-30711 was published Sep 6, 2023
Dell BIOS contains an improper authentication vulnerability. A malicious user with physical... Low Unreviewed
CVE-2023-32453 was published Aug 16, 2023
PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023... Low Unreviewed
CVE-2023-30700 was published Aug 10, 2023
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest... Low Unreviewed
CVE-2023-20867 was published Jun 13, 2023
Improper access control vulnerability in Telephony framework prior to SMR May-2023 Release 1... Low Unreviewed
CVE-2023-21487 was published May 4, 2023
Denial of service due to unauthenticated API endpoint. The following products are affected:... Low Unreviewed
CVE-2022-45456 was published Apr 26, 2023
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura... Low Unreviewed
CVE-2023-23493 was published Feb 27, 2023
There is an improper authentication vulnerability in Pandora FMS v764. The application verifies... Low Unreviewed
CVE-2022-43978 was published Jan 28, 2023
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD... Low Unreviewed
CVE-2022-45430 was published Dec 27, 2022
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote... Low Unreviewed
CVE-2022-45433 was published Dec 27, 2022
parse-server auth adapter app ID validation can be circumvented Low
CVE-2022-39231 was published for parse-server (npm) Sep 21, 2022
KarolisBan
Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical... Low Unreviewed
CVE-2022-33720 was published Aug 6, 2022
Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows... Low Unreviewed
CVE-2022-33689 was published Jul 13, 2022
IBM Spectrum Copy Data Management Admin 2.2.0.0 through 2.2.15.0 could allow a local attacker to... Low Unreviewed
CVE-2022-22426 was published Jun 11, 2022
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring... Low Unreviewed
CVE-2021-25484 was published May 24, 2022
Description: A person with physical access may be able to access contacts. This issue is fixed in... Low Unreviewed
CVE-2021-1862 was published May 24, 2022
An issue existed with authenticating the action triggered by an NFC tag. The issue was addressed... Low Unreviewed
CVE-2021-1863 was published May 24, 2022
Adobe Experience Manager Cloud Service offering, as well as versions 6.5.8.0 (and below) is... Low Unreviewed
CVE-2021-28626 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API