GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
236 advisories
Filter by severity
Inappropriate implementation in Navigation in Google Chrome prior to 113.0.5672.63 allowed a...
Moderate
Unreviewed
CVE-2023-7282
was published
Sep 24, 2024
Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a...
Moderate
Unreviewed
CVE-2024-8909
was published
Sep 17, 2024
Microsoft Teams for iOS Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-38197
was published
Aug 13, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote...
Moderate
Unreviewed
CVE-2024-6999
was published
Aug 6, 2024
Inappropriate implementation in Picture in Picture in Google Chrome prior to 119.0.6045.105...
Moderate
Unreviewed
CVE-2023-7011
was published
Jul 17, 2024
Form validation popups could capture escape key presses. Therefore, spamming form validation...
Moderate
Unreviewed
CVE-2024-6610
was published
Jul 9, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-38082
was published
Jun 20, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-38093
was published
Jun 20, 2024
In certain scenarios a malicious website could attempt to display a fake location URL bar which...
Moderate
Unreviewed
CVE-2024-38313
was published
Jun 13, 2024
By manipulating the fullscreen feature while opening a data-list, an attacker could have overlaid...
Moderate
Unreviewed
CVE-2024-5698
was published
Jun 11, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a...
Moderate
Unreviewed
CVE-2024-4950
was published
May 15, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-30055
was published
May 14, 2024
Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote...
Moderate
Unreviewed
CVE-2024-2631
was published
Mar 20, 2024
IBM PowerSC 1.3, 2.0, and 2.1 could allow a remote attacker to hijack the clicking action of the...
Moderate
Unreviewed
CVE-2023-50938
was published
Feb 2, 2024
Inappropriate implementation in Downloads in Google Chrome prior to 121.0.6167.85 allowed a...
Moderate
Unreviewed
CVE-2024-0805
was published
Jan 24, 2024
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque...
Moderate
Unreviewed
CVE-2023-4956
was published
Nov 7, 2023
Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90...
Moderate
Unreviewed
CVE-2023-2937
was published
May 31, 2023
Inappropriate implementation in Extensions API in Google Chrome prior to 114.0.5735.90 allowed an...
Moderate
Unreviewed
CVE-2023-2941
was published
May 31, 2023
Inappropriate implementation in Picture In Picture in Google Chrome prior to 114.0.5735.90...
Moderate
Unreviewed
CVE-2023-2938
was published
May 31, 2023
Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote...
Moderate
Unreviewed
CVE-2023-0700
was published
Feb 7, 2023
Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414...
Moderate
Unreviewed
CVE-2023-0130
was published
Jan 10, 2023
Under certain circumstances, a JavaScript alert (or prompt) could have been shown while another...
Moderate
Unreviewed
CVE-2022-22762
was published
Dec 22, 2022
When resizing a popup after requesting fullscreen access, the popup would not display the...
Moderate
Unreviewed
CVE-2022-26383
was published
Dec 22, 2022
A malicious website that could create a popup could have resized the popup to overlay the address...
Moderate
Unreviewed
CVE-2022-34479
was published
Dec 22, 2022
Through a series of popup and <code>window.print()</code> calls, an attacker can cause a window...
Moderate
Unreviewed
CVE-2022-45404
was published
Dec 22, 2022
ProTip!
Advisories are also available from the
GraphQL API