GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,080
Erlang
29
GitHub Actions
19
Go
1,908
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
247 advisories
Filter by severity
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-34167
was published
Jun 19, 2023
Vulnerability of spoofing trustlists of Huawei desktop.Successful exploitation of this...
Moderate
Unreviewed
CVE-2023-34160
was published
Jun 19, 2023
There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this...
Moderate
Unreviewed
CVE-2022-48469
was published
Jun 16, 2023
Authentication Bypass by Spoofing vulnerability in the password reset process of Pandora FMS...
Critical
Unreviewed
CVE-2023-2807
was published
Jun 13, 2023
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were...
High
Unreviewed
CVE-2022-36331
was published
Jun 12, 2023
A missing delay in popup notifications could have made it possible for an attacker to trick a...
High
Unreviewed
CVE-2023-32207
was published
Jun 2, 2023
A lack of in app notification for entering fullscreen mode could have lead to a malicious website...
High
Unreviewed
CVE-2023-25743
was published
Jun 2, 2023
Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This...
Critical
Unreviewed
CVE-2023-2887
was published
May 25, 2023
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept...
High
Unreviewed
CVE-2022-47522
was published
Apr 15, 2023
The Formidable Forms WordPress plugin before 6.1 uses several potentially untrusted headers to...
Moderate
Unreviewed
CVE-2023-0816
was published
Mar 27, 2023
The User Activity WordPress plugin through 1.0.1 checks headers such as the X-Forwarded-For to...
High
Unreviewed
CVE-2022-4550
was published
Feb 27, 2023
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2023-21794
was published
Feb 14, 2023
Authentication Bypass by Spoofing vulnerability in Mitsubishi Electric Corporation GOT2000 Series...
High
Unreviewed
CVE-2022-40269
was published
Feb 2, 2023
Parse Server option `masterKeyIps` vulnerability to IP spoofing
High
CVE-2023-22474
was published
for
parse-server
(npm)
Jan 31, 2023
The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's IP...
High
Unreviewed
CVE-2022-4303
was published
Jan 23, 2023
The FluentAuth WordPress plugin before 1.0.2 prioritizes getting a visitor's IP address from...
High
Unreviewed
CVE-2022-4746
was published
Jan 23, 2023
When exiting fullscreen mode, an iframe could have confused the browser about the current state...
Moderate
Unreviewed
CVE-2022-31738
was published
Dec 22, 2022
Microsoft Outlook for Mac Spoofing Vulnerability.
High
Unreviewed
CVE-2022-44713
was published
Dec 13, 2022
Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass...
High
Unreviewed
CVE-2022-4098
was published
Dec 13, 2022
Session information easily guessable vulnerability exists in Kyocera Document Solutions MFPs and...
Moderate
Unreviewed
CVE-2022-41798
was published
Dec 5, 2022
Velneo vClient on its 28.1.3 version, could allow an attacker with knowledge of the victims's...
High
Unreviewed
CVE-2021-45036
was published
Nov 28, 2022
WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 3 of 5).
Moderate
Unreviewed
CVE-2022-38164
was published
Nov 8, 2022
"IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Web services could allow a man-in-the...
Moderate
Unreviewed
CVE-2022-38712
was published
Nov 4, 2022
anji-plus AJ-Report 0.9.8.6 allows remote attackers to bypass login authentication by spoofing...
High
Unreviewed
CVE-2022-42983
was published
Oct 17, 2022
An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows...
High
Unreviewed
CVE-2022-0030
was published
Oct 12, 2022
ProTip!
Advisories are also available from the
GraphQL API