Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

814 advisories

Loading
Missing authentication in the GetAssignmentsDue method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27259 was published Oct 25, 2023
Missing authentication in the GetStudentGroupStudents method in IDAttend’s IDWeb application... High Unreviewed
CVE-2023-27258 was published Oct 25, 2023
Missing authentication in the SearchStudentsRFID method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26576 was published Oct 25, 2023
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the... High Unreviewed
CVE-2023-26580 was published Oct 25, 2023
Missing authentication in the GetActiveToiletPasses method in IDAttend’s IDWeb application 3.1... High Unreviewed
CVE-2023-27257 was published Oct 25, 2023
Missing authentication in the DeleteStaff method in IDAttend’s IDWeb application 3.1.013 allows... Moderate Unreviewed
CVE-2023-26579 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_StudentDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27376 was published Oct 25, 2023
Missing authentication in the DeleteAssignments method in IDAttend’s IDWeb application 3... Moderate Unreviewed
CVE-2023-27261 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_ContactDetails method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-27375 was published Oct 25, 2023
Missing authentication in the GetLogFiles method in IDAttend’s IDWeb application 3.1.052 and... Moderate Unreviewed
CVE-2023-27256 was published Oct 25, 2023
Missing authentication in the SetStudentNotes method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26571 was published Oct 25, 2023
Missing authentication in the StudentPopupDetails_Timetable method in IDAttend’s IDWeb... High Unreviewed
CVE-2023-26570 was published Oct 25, 2023
Missing authentication in the SearchStudentsStaff method in IDAttend’s IDWeb application 3.1.052... High Unreviewed
CVE-2023-26575 was published Oct 25, 2023
Missing authentication in the SetDB method in IDAttend’s IDWeb application 3.1.052 and earlier... Critical Unreviewed
CVE-2023-26573 was published Oct 25, 2023
Missing authentication in the SearchStudents method in IDAttend’s IDWeb application 3.1.052 and... High Unreviewed
CVE-2023-26574 was published Oct 25, 2023
IBM Sterling Partner Engagement Manager 6.1.2, 6.2.0, and 6.2.2 could allow a remote user to... High Unreviewed
CVE-2023-43045 was published Oct 23, 2023
Vulnerability in the Hospitality OPERA 5 Property Services product of Oracle Hospitality... High Unreviewed
CVE-2023-22087 was published Oct 18, 2023
Vulnerability of access permissions not being strictly verified in the APPWidget module... Critical Unreviewed
CVE-2023-44116 was published Oct 11, 2023
Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete... Critical Unreviewed
CVE-2023-43271 was published Oct 9, 2023
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored... High Unreviewed
CVE-2023-4884 was published Oct 3, 2023
The Staff / Employee Business Directory for Active Directory plugin for WordPress is vulnerable... Moderate Unreviewed
CVE-2023-4505 was published Sep 27, 2023
The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP... Moderate Unreviewed
CVE-2023-4506 was published Sep 27, 2023
Sensitive information disclosure and manipulation due to improper authentication. The following... Moderate Unreviewed
CVE-2023-44152 was published Sep 27, 2023
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX... Moderate Unreviewed
CVE-2023-36851 was published Sep 27, 2023
Cilium vulnerable to bypass of namespace restrictions in CiliumNetworkPolicy Moderate
CVE-2023-41333 was published for github.com/cilium/cilium (Go) Sep 27, 2023
odinuge
ProTip! Advisories are also available from the GraphQL API