GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
114 advisories
Filter by severity
A cookie management issue was addressed with improved state management. This issue is fixed in...
Moderate
Unreviewed
CVE-2024-44212
was published
Dec 12, 2024
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2....
Moderate
Unreviewed
CVE-2024-54490
was published
Dec 12, 2024
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks...
Moderate
Unreviewed
CVE-2024-0009
was published
Feb 14, 2024
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Moderate
Unreviewed
CVE-2023-28191
was published
Jun 23, 2023
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and...
Moderate
Unreviewed
CVE-2022-46718
was published
Jun 23, 2023
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
Moderate
Unreviewed
CVE-2022-42860
was published
Jun 23, 2023
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking.
Moderate
Unreviewed
CVE-2024-45495
was published
Nov 29, 2024
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could...
Moderate
Unreviewed
CVE-2023-32553
was published
Jun 27, 2023
An issue in Instrument Cluster KIA Seltos Software v1.0, Hardware v1.0 allows attackers to cause...
Moderate
Unreviewed
CVE-2024-51072
was published
Nov 22, 2024
An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2024-51037
was published
Nov 15, 2024
The origin of an external protocol handler prompt could have been obscured using a data: URL...
Moderate
Unreviewed
CVE-2024-10460
was published
Oct 29, 2024
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed...
Moderate
Unreviewed
CVE-2024-7978
was published
Aug 21, 2024
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed...
Moderate
Unreviewed
CVE-2022-4917
was published
Jul 29, 2023
An attacker could have abused XSLT error handling to associate attacker-controlled content with...
Moderate
Unreviewed
CVE-2022-38472
was published
Dec 22, 2022
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the...
Moderate
Unreviewed
CVE-2020-15652
was published
May 24, 2022
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2024-44187
was published
Sep 17, 2024
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate...
Moderate
Unreviewed
CVE-2024-22062
was published
Jul 9, 2024
Brocade
Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not
properly represent...
Moderate
Unreviewed
CVE-2023-5973
was published
Apr 5, 2024
Lack of validation of origin in federation API in Conduit, allowing any remote server to...
Moderate
Unreviewed
CVE-2024-6301
was published
Jun 25, 2024
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to...
Moderate
Unreviewed
CVE-2023-30996
was published
Feb 26, 2024
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between...
Moderate
Unreviewed
CVE-2024-2182
was published
Mar 12, 2024
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via...
Moderate
Unreviewed
CVE-2023-5718
was published
Oct 23, 2023
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A...
Moderate
Unreviewed
CVE-2021-26737
was published
Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44190
was published
Oct 12, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44189
was published
Oct 12, 2023
ProTip!
Advisories are also available from the
GraphQL API