GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
100 advisories
Filter by severity
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2024-44187
was published
Sep 17, 2024
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate...
Moderate
Unreviewed
CVE-2024-22062
was published
Jul 9, 2024
Brocade
Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not
properly represent...
Moderate
Unreviewed
CVE-2023-5973
was published
Apr 5, 2024
Lack of validation of origin in federation API in Conduit, allowing any remote server to...
Moderate
Unreviewed
CVE-2024-6301
was published
Jun 25, 2024
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to...
Moderate
Unreviewed
CVE-2023-30996
was published
Feb 26, 2024
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between...
Moderate
Unreviewed
CVE-2024-2182
was published
Mar 12, 2024
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via...
Moderate
Unreviewed
CVE-2023-5718
was published
Oct 23, 2023
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A...
Moderate
Unreviewed
CVE-2021-26737
was published
Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44190
was published
Oct 12, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44189
was published
Oct 12, 2023
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to...
Moderate
Unreviewed
CVE-2023-4045
was published
Aug 1, 2023
A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the...
Moderate
Unreviewed
CVE-2023-30949
was published
Jul 26, 2023
In notification access permission dialog box, malicious application can embedded a very long...
Moderate
Unreviewed
CVE-2023-21260
was published
Jul 13, 2023
The underlying feedback mechanism of
Rockwell Automation's FactoryTalk System Services that...
Moderate
Unreviewed
CVE-2023-2639
was published
Jun 13, 2023
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab...
Moderate
Unreviewed
CVE-2023-23601
was published
Jun 2, 2023
A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension...
Moderate
Unreviewed
CVE-2019-1413
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for...
Moderate
Unreviewed
CVE-2019-5062
was published
May 24, 2022
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection...
Moderate
Unreviewed
CVE-2019-16275
was published
May 24, 2022
Images from a different domain can be read using a canvas object in some circumstances. This...
Moderate
Unreviewed
CVE-2019-9817
was published
May 24, 2022
If WebRTC permission is requested from documents with data: or blob: URLs, the permission...
Moderate
Unreviewed
CVE-2019-9808
was published
May 24, 2022
Cross-origin images can be read in violation of the same-origin policy by exporting an image...
Moderate
Unreviewed
CVE-2019-9797
was published
May 24, 2022
An unauthenticated remote attacker can perform a remote code execution due to an origin...
Moderate
Unreviewed
CVE-2024-25996
was published
Mar 12, 2024
FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which...
Moderate
Unreviewed
CVE-2003-0981
was published
Apr 29, 2022
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received...
Moderate
Unreviewed
CVE-2001-1452
was published
Apr 30, 2022
An unauthenticated attacker can send a ping request from one network to another through an error...
Moderate
Unreviewed
CVE-2024-24782
was published
Feb 13, 2024
ProTip!
Advisories are also available from the
GraphQL API