Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

69 advisories

Loading
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to... High Unreviewed
CVE-2024-2617 was published Apr 30, 2024
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed
CVE-2024-3844 was published Apr 17, 2024
Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote... Critical Unreviewed
CVE-2024-3845 was published Apr 17, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an... Moderate Unreviewed
CVE-2024-3838 was published Apr 17, 2024
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a... High Unreviewed
CVE-2024-25545 was published Apr 12, 2024
An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint... Moderate Unreviewed
CVE-2024-23592 was published Apr 5, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote... High Unreviewed
CVE-2024-2174 was published Mar 6, 2024
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17... High Unreviewed
CVE-2023-40445 was published Oct 25, 2023
A non-feature complete authentication mechanism exists in the production application allowing an... Critical Unreviewed
CVE-2023-3266 was published Aug 14, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this... Critical Unreviewed
CVE-2023-39403 was published Aug 13, 2023
Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the... Moderate Unreviewed
CVE-2023-28601 was published Jun 13, 2023
Failure to verify the mode of CPU execution at the time of SNP_INIT may lead to a potential loss... Moderate Unreviewed
CVE-2021-26328 was published Jan 11, 2023
The DeepL Pro API translation plugin WordPress plugin before 1.7.5 discloses sensitive... High Unreviewed
CVE-2022-3691 was published Nov 21, 2022
SnapCenter versions prior to 4.7 shipped without Content Security Policy (CSP) implemented which... High Unreviewed
CVE-2022-38732 was published Sep 30, 2022
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address... Moderate Unreviewed
CVE-2021-34791 was published May 24, 2022
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address... Moderate Unreviewed
CVE-2021-34790 was published May 24, 2022
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in... Moderate Unreviewed
CVE-2020-10743 was published May 24, 2022
A flaw was found in the OpenShift web console, where the access token is stored in the browser's... Moderate Unreviewed
CVE-2020-1761 was published May 24, 2022
A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for... Moderate Unreviewed
CVE-2021-3448 was published May 24, 2022
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed
CVE-2020-25685 was published May 24, 2022
A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check... Moderate Unreviewed
CVE-2020-25686 was published May 24, 2022
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed
CVE-2020-25684 was published May 24, 2022
A flaw was found in the "Leaf and Chain" OCSP policy implementation in JSS' CryptoManager... High Unreviewed
CVE-2019-14823 was published May 24, 2022
cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned... Moderate Unreviewed
CVE-2018-20934 was published May 24, 2022
cPanel before 55.9999.141 allows account-suspension bypass via ftp (SEC-105). High Unreviewed
CVE-2016-10834 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database