GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,130 advisories
Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote...
Moderate | Unreviewed | CVE-2023-6353 was published Nov 30, 2023

Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote...
Moderate | Unreviewed | CVE-2023-6354 was published Nov 30, 2023

Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any...
Moderate | Unreviewed | CVE-2023-6342 was published Nov 30, 2023

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to...
Moderate | Unreviewed | CVE-2023-6343 was published Nov 30, 2023

Tyler Technologies Court Case Management Plus may store backups in a location that can be...
Moderate | Unreviewed | CVE-2023-6375 was published Nov 30, 2023

Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to...
Moderate | Unreviewed | CVE-2023-6344 was published Nov 30, 2023

An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could...
Moderate | Unreviewed | CVE-2023-34388 was published Nov 30, 2023

An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior...
Moderate | Unreviewed | CVE-2023-48121 was published Nov 28, 2023

Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical...
Moderate | Unreviewed | CVE-2023-42554 was published Nov 15, 2023

Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation...
Moderate | Unreviewed | CVE-2023-43582 was published Nov 15, 2023

Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader...
Moderate | Unreviewed | CVE-2023-32661 was published Nov 14, 2023

Improper authentication for some Intel Unison software may allow an authenticated user to...
Moderate | Unreviewed | CVE-2023-22663 was published Nov 14, 2023

Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software...
Moderate | Unreviewed | CVE-2023-28377 was published Nov 14, 2023

TYPO3 vulnerable to Weak Authentication in Session Handling
Moderate | CVE-2023-47127 was published for typo3/cms-core (Composer) Nov 14, 2023

A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is...
Moderate | Unreviewed | CVE-2023-40660 was published Nov 6, 2023

An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5...
Moderate | Unreviewed | CVE-2023-46963 was published Nov 5, 2023

RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers...
Moderate | Unreviewed | CVE-2023-26455 was published Nov 2, 2023

Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox...
Moderate | Unreviewed | CVE-2023-46327 was published Nov 2, 2023

pimcore/admin-ui-classic-bundle Unverified Password Change
Moderate | CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023

In SEPolicy, there is a possible way to access the factory MAC address due to a permissions...
Moderate | Unreviewed | CVE-2023-21297 was published Oct 30, 2023

In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term...
Moderate | Unreviewed | CVE-2023-21307 was published Oct 30, 2023

A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an...
Moderate | Unreviewed | CVE-2022-3681 was published Oct 27, 2023

Standard users can directly operate and set printer configuration information, such as IP, in...
Moderate | Unreviewed | CVE-2022-34887 was published Oct 27, 2023

Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and...
Moderate | Unreviewed | CVE-2023-27256 was published Oct 25, 2023

Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3...
Moderate | Unreviewed | CVE-2023-27261 was published Oct 25, 2023
ProTip! Advisories are also available from the GraphQL API