Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

135 advisories

Loading
dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking... Moderate Unreviewed
CVE-2022-33991 was published Aug 16, 2022
Due to a bug in the handling of the communication between the client and server, it was possible... Moderate Unreviewed
CVE-2022-35629 was published Jul 30, 2022
Incorrect security UI in Downloads in Google Chrome on Android prior to 101.0.4951.41 allowed a... Moderate Unreviewed
CVE-2022-1495 was published Jul 27, 2022
Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a... Moderate Unreviewed
CVE-2022-1306 was published Jul 26, 2022
Inappropriate implementation in full screen in Google Chrome on Android prior to 100.0.4896.88... Moderate Unreviewed
CVE-2022-1307 was published Jul 26, 2022
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 100.0.4896... Moderate Unreviewed
CVE-2022-1129 was published Jul 24, 2022
Microweber before 1.2.21 allows attacker to bypass IP detection to brute-force password Moderate
CVE-2022-2368 was published for microweber/microweber (Composer) Jul 12, 2022
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit... Moderate Unreviewed
CVE-2022-32983 was published Jun 21, 2022
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2.... Moderate Unreviewed
CVE-2021-32076 was published May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core... Moderate Unreviewed
CVE-2020-10135 was published May 24, 2022
Yandex Browser before 20.10.0 allows remote attackers to spoof the address bar Moderate Unreviewed
CVE-2020-27970 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30619 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 93.0.4577.63 allowed a remote... Moderate Unreviewed
CVE-2021-30621 was published May 24, 2022
Windows LSA Spoofing Vulnerability Moderate Unreviewed
CVE-2021-36942 was published May 24, 2022
Windows Hello Security Feature Bypass Vulnerability Moderate Unreviewed
CVE-2021-34466 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in Systemd 245. A specially crafted DHCP... Moderate Unreviewed
CVE-2020-13529 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21216 was published May 24, 2022
Inappropriate implementation in Autofill in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed
CVE-2021-21215 was published May 24, 2022
SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7... Moderate Unreviewed
CVE-2021-21492 was published May 24, 2022
curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to... Moderate Unreviewed
CVE-2021-22890 was published May 24, 2022
A malicious extension could have opened a popup window lacking an address bar. The title of the... Moderate Unreviewed
CVE-2021-23984 was published May 24, 2022
An issue was discovered in Scytl sVote 2.1. Because the IP address from an X-Forwarded-For header... Moderate Unreviewed
CVE-2019-25023 was published May 24, 2022
Incorrect security UI in Page Info in Google Chrome on iOS prior to 88.0.4324.96 allowed a remote... Moderate Unreviewed
CVE-2021-21134 was published May 24, 2022
SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the communication protocol of the... Moderate Unreviewed
CVE-2020-27276 was published May 24, 2022
Azure Active Directory Pod Identity Spoofing Vulnerability Moderate Unreviewed
CVE-2021-1677 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database