GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
231 advisories
CVE-2011-3056 (Moderate, Unreviewed), published May 13, 2022: Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via...
CVE-2011-3067 (Moderate, Unreviewed), published May 13, 2022: Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
CVE-2011-3072 (Moderate, Unreviewed), published May 13, 2022: Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
CVE-2018-6690 (High, Unreviewed), published May 13, 2022: Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in...
CVE-2018-5400 (Critical, Unreviewed), published May 13, 2022: The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications...
CVE-2017-0902 (High), published for rubygems-update (RubyGems), May 13, 2022: RubyGems has Origin Validation Error vulnerability
CVE-2017-18016 (Moderate, Unreviewed), published May 13, 2022: Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and...
CVE-2017-8523 (Moderate, Unreviewed), published May 13, 2022: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows...
CVE-2017-8530 (Moderate, Unreviewed), published May 13, 2022: Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows...
CVE-2017-8650 (Moderate, Unreviewed), published May 13, 2022: Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature...
CVE-2017-8793 (High, Unreviewed), published May 13, 2022: An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request...
CVE-2018-12402 (Moderate, Unreviewed), published May 13, 2022: The internal WebBrowserPersist code does not use correct origin context for a resource being...
CVE-2018-16072 (Moderate, Unreviewed), published May 13, 2022: A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81...
CVE-2018-6654 (High, Unreviewed), published May 13, 2022: The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover...
CVE-2018-6764 (High, Unreviewed), published May 13, 2022: util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which...
CVE-2018-18494 (Moderate, Unreviewed), published May 14, 2022: A same-origin policy violation allowing the theft of cross-origin URL entries when using the...
CVE-2018-18499 (Moderate, Unreviewed), published May 14, 2022: A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta...
CVE-2018-20744 (Moderate), published for github.com/gofiber/fiber/v2 (Go), May 14, 2022: github.com/gofiber/fiber/v2 vulnerable to Origin Validation Error
CVE-2018-20745 (Moderate), published for yiisoft/yii2 (Composer), May 14, 2022: Yii Incorrectly Implements CORS
CVE-2018-14903 (High, Unreviewed), published May 14, 2022: EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates...
CVE-2016-9902 (High, Unreviewed), published May 14, 2022: The Pocket toolbar button, once activated, listens for events fired from its own pages but does...
CVE-2017-7797 (High, Unreviewed), published May 14, 2022: Response header name interning does not have same-origin protections and these headers are stored...
CVE-2018-5109 (Moderate, Unreviewed), published May 14, 2022: An audio capture session can be started under an incorrect origin from the site making the capture...
CVE-2018-5116 (Critical, Unreviewed), published May 14, 2022: WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active...
CVE-2017-13274 (Critical, Unreviewed), published May 14, 2022: In the getHost() function of UriTest.java, there is the possibility of incorrect web origin...