GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,296
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
594 advisories
Filter by severity
Domain restrictions bypass via DNS Rebinding in WireMock and WireMock Studio webhooks, proxy and recorder modes
Low
CVE-2023-41329
was published
for
com.github.tomakehurst:wiremock-jre8
(Maven)
Sep 8, 2023
Vulnerability of identity verification being bypassed in the face unlock module. Successful...
Critical
Unreviewed
CVE-2023-5801
was published
Nov 8, 2023
Authentication bypass vulnerability, the exploitation of which could allow a local attacker to...
High
Unreviewed
CVE-2023-3103
was published
Nov 22, 2023
An issue was discovered in Network Optix NxCloud before 23.1.0.40440. It was possible to add a...
High
Unreviewed
CVE-2023-6263
was published
Nov 22, 2023
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server...
High
Unreviewed
CVE-2022-26505
was published
Mar 7, 2022
Header spoofing in caddy-geo-ip
Moderate
CVE-2023-50463
was published
for
github.com/shift72/caddy-geo-ip
(Go)
Dec 11, 2023
Windows Hello Security Feature Bypass Vulnerability
Moderate
Unreviewed
CVE-2021-34466
was published
May 24, 2022
Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-43242.
Low
Unreviewed
CVE-2021-42320
was published
Feb 11, 2022
Microsoft Edge for iOS Spoofing Vulnerability
High
Unreviewed
CVE-2021-43220
was published
Nov 25, 2021
Microsoft Edge (Chromium-based) Spoofing Vulnerability
High
Unreviewed
CVE-2021-42308
was published
May 24, 2022
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
Moderate
Unreviewed
CVE-2023-6044
was published
Jan 19, 2024
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2023-20256
was published
Nov 1, 2023
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2023-20245
was published
Nov 1, 2023
Multiple Cisco products are affected by a vulnerability in Snort access control policies that...
Moderate
Unreviewed
CVE-2023-20246
was published
Nov 1, 2023
ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and...
Moderate
Unreviewed
CVE-2024-0454
was published
Jan 12, 2024
Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2....
Moderate
Unreviewed
CVE-2021-32076
was published
May 24, 2022
Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows...
Moderate
Unreviewed
CVE-2023-7169
was published
Feb 8, 2024
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a...
Moderate
Unreviewed
CVE-2023-4001
was published
Jan 15, 2024
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in...
Moderate
Unreviewed
CVE-2024-28228
was published
Mar 7, 2024
** UNSUPPPORTED WHEN ASSIGNED **
** UNSUPPORTED WHEN ASSIGNED ** [An attacker can capture an...
Critical
Unreviewed
CVE-2023-3243
was published
Jun 28, 2023
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification...
High
Unreviewed
CVE-2024-22092
was published
Apr 2, 2024
Cache Poisoning issue exists in DNS Response Rate Limiting.
Moderate
Unreviewed
CVE-2013-5661
was published
May 5, 2022
The Wireless Emergency Alerts (WEA) protocol allows remote attackers to spoof a Presidential...
Moderate
Unreviewed
CVE-2019-18659
was published
May 24, 2022
Legacy pairing and secure-connections pairing authentication in Bluetooth® BR/EDR Core...
Moderate
Unreviewed
CVE-2020-10135
was published
May 24, 2022
The IEEE 802.11 specifications through 802.11ax allow physically proximate attackers to intercept...
High
Unreviewed
CVE-2022-47522
was published
Apr 15, 2023
ProTip!
Advisories are also available from the
GraphQL API