Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,941
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,952
npm
3,481
NuGet
605
pip
3,049
Pub
10
RubyGems
832
Rust
778
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,130 advisories

Tyler Technologies Civil and Criminal Electronic Filing allows an unauthenticated, remote... Moderate Unreviewed
CVE-2023-6353 was published Nov 30, 2023
Tyler Technologies Magistrate Court Case Management Plus allows an unauthenticated, remote... Moderate Unreviewed
CVE-2023-6354 was published Nov 30, 2023
Tyler Technologies Court Case Management Plus allows a remote attacker to authenticate as any... Moderate Unreviewed
CVE-2023-6342 was published Nov 30, 2023
Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to... Moderate Unreviewed
CVE-2023-6343 was published Nov 30, 2023
Tyler Technologies Court Case Management Plus may store backups in a location that can be... Moderate Unreviewed
CVE-2023-6375 was published Nov 30, 2023
Tyler Technologies Court Case Management Plus allows a remote, unauthenticated attacker to... Moderate Unreviewed
CVE-2023-6344 was published Nov 30, 2023
An Improper Authentication vulnerability in the Schweitzer Engineering Laboratories SEL-451 could... Moderate Unreviewed
CVE-2023-34388 was published Nov 30, 2023
An authentication bypass vulnerability in the Direct Connection Module in Ezviz CS-C6N-xxx prior... Moderate Unreviewed
CVE-2023-48121 was published Nov 28, 2023
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical... Moderate Unreviewed
CVE-2023-42554 was published Nov 15, 2023
Improper authorization in some Zoom clients may allow an authorized user to conduct an escalation... Moderate Unreviewed
CVE-2023-43582 was published Nov 15, 2023
Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader... Moderate Unreviewed
CVE-2023-32661 was published Nov 14, 2023
Improper authentication for some Intel Unison software may allow an authenticated user to... Moderate Unreviewed
CVE-2023-22663 was published Nov 14, 2023
Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software... Moderate Unreviewed
CVE-2023-28377 was published Nov 14, 2023
TYPO3 vulnerable to Weak Authentication in Session Handling Moderate
CVE-2023-47127 was published for typo3/cms-core (Composer) Nov 14, 2023
dogawaf bnf
ohader
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is... Moderate Unreviewed
CVE-2023-40660 was published Nov 6, 2023
An issue in Beijing Yunfan Internet Technology Co., Ltd, Yunfan Learning Examination System v.6.5... Moderate Unreviewed
CVE-2023-46963 was published Nov 5, 2023
RMI was not requiring authentication when calling ChronosRMIService:setEventOrganizer. Attackers... Moderate Unreviewed
CVE-2023-26455 was published Nov 2, 2023
Multiple MFPs (multifunction printers) provided by FUJIFILM Business Innovation Corp. and Xerox... Moderate Unreviewed
CVE-2023-46327 was published Nov 2, 2023
pimcore/admin-ui-classic-bundle Unverified Password Change Moderate
CVE-2023-5844 was published for pimcore/admin-ui-classic-bundle (Composer) Oct 31, 2023
Th3l0newolf
In SEPolicy, there is a possible way to access the factory MAC address due to a permissions... Moderate Unreviewed
CVE-2023-21297 was published Oct 30, 2023
In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term... Moderate Unreviewed
CVE-2023-21307 was published Oct 30, 2023
A vulnerability has been identified in the MR2600 router v1.0.18 and earlier that could allow an... Moderate Unreviewed
CVE-2022-3681 was published Oct 27, 2023
Standard users can directly operate and set printer configuration information , such as IP, in... Moderate Unreviewed
CVE-2022-34887 was published Oct 27, 2023
Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and... Moderate Unreviewed
CVE-2023-27256 was published Oct 25, 2023
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3... Moderate Unreviewed
CVE-2023-27261 was published Oct 25, 2023
ProTip! Advisories are also available from the GraphQL API