Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,026
Maven
5,000+
npm
4,763
NuGet
824
pip
4,366
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

90 advisories

Loading
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for... High Unreviewed
CVE-2024-40650 was published Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web... Low Unreviewed
CVE-2024-36511 was published Sep 10, 2024
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote... High Unreviewed
CVE-2024-7965 was published Aug 21, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ... Low Unreviewed
CVE-2024-41907 was published Aug 13, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote... Critical Unreviewed
CVE-2024-7003 was published Aug 6, 2024
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72... Critical Unreviewed
CVE-2024-6995 was published Aug 6, 2024
Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote... Moderate Unreviewed
CVE-2024-5500 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6773 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote... High Unreviewed
CVE-2024-6772 was published Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote... High Unreviewed
CVE-2024-6101 was published Jun 20, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app... High Unreviewed
CVE-2024-27842 was published May 14, 2024
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to... High Unreviewed
CVE-2024-2617 was published Apr 30, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an... Moderate Unreviewed
CVE-2024-3838 was published Apr 17, 2024
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed
CVE-2024-3844 was published Apr 17, 2024
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote... Critical Unreviewed
CVE-2024-3845 was published Apr 17, 2024
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a... High Unreviewed
CVE-2024-25545 was published Apr 12, 2024
An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint... Moderate Unreviewed
CVE-2024-23592 was published Apr 5, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote... High Unreviewed
CVE-2024-2174 was published Mar 6, 2024
RPyC's missing security check results in code execution when using numpy.array on the server-side. High
CVE-2024-27758 was published for rpyc (pip) Mar 6, 2024
renbou comrumino
Credited to renbou and comrumino
Java: DoS Vulnerability in JSON-JAVA High
CVE-2023-5072 was published for org.json:json (Maven) Nov 14, 2023
eamonnmcmanus
Credited to eamonnmcmanus
vantage6-server node accepts non-whitelisted algorithms from malicious server High
CVE-2023-47631 was published for vantage6-node (pip) Nov 14, 2023
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17... High Unreviewed
CVE-2023-40445 was published Oct 25, 2023
A non-feature complete authentication mechanism exists in the production application allowing an... Critical Unreviewed
CVE-2023-3266 was published Aug 14, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39403 was published Aug 13, 2023
Client Spoofing within the Keycloak Device Authorisation Grant Low
CVE-2023-2585 was published for org.keycloak:keycloak-server-spi-private (Maven) Jun 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database