GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
232 advisories
Filter by severity
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a...
Moderate
Unreviewed
CVE-2024-3843
was published
Apr 17, 2024
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2024-31784
was published
Apr 16, 2024
HCL DevOps Deploy / HCL Launch does not invalidate session after logout which could allow an...
Moderate
Unreviewed
CVE-2024-23558
was published
Apr 15, 2024
A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1GY01-0AA0), SCALANCE W1748...
Moderate
Unreviewed
CVE-2024-30190
was published
Apr 9, 2024
A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1FC00-0AA0) (All versions),...
Moderate
Unreviewed
CVE-2024-30189
was published
Apr 9, 2024
An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code...
Moderate
Unreviewed
CVE-2024-31008
was published
Apr 3, 2024
In JetBrains YouTrack before 2024.1.25893 creation comments on behalf of an arbitrary user in...
Moderate
Unreviewed
CVE-2024-28228
was published
Mar 7, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS...
Moderate
Unreviewed
CVE-2023-42889
was published
Feb 21, 2024
Through a series of API calls and redirects, an attacker-controlled alert dialog could have been...
Moderate
Unreviewed
CVE-2024-1547
was published
Feb 20, 2024
Authentication Bypass by Spoofing vulnerability in Snow Software Snow Inventory Agent on Windows...
Moderate
Unreviewed
CVE-2023-7169
was published
Feb 8, 2024
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local...
Moderate
Unreviewed
CVE-2023-6044
was published
Jan 19, 2024
An authentication bypass flaw was found in GRUB due to the way that GRUB uses the UUID of a...
Moderate
Unreviewed
CVE-2023-4001
was published
Jan 15, 2024
ELAN Match-on-Chip FPR solution has design fault about potential risk of valid SID leakage and...
Moderate
Unreviewed
CVE-2024-0454
was published
Jan 12, 2024
This issue was addressed by improving Face ID anti-spoofing models. This issue is fixed in iOS 17...
Moderate
Unreviewed
CVE-2023-41069
was published
Jan 11, 2024
An issue in PARK DANDAN mini-app on Line v13.6.1 allows attackers to send crafted malicious...
Moderate
Unreviewed
CVE-2023-43304
was published
Dec 7, 2023
Microsoft OneNote Spoofing Vulnerability
Moderate
Unreviewed
CVE-2023-36769
was published
Nov 7, 2023
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2023-20256
was published
Nov 1, 2023
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance ...
Moderate
Unreviewed
CVE-2023-20245
was published
Nov 1, 2023
Multiple Cisco products are affected by a vulnerability in Snort access control policies that...
Moderate
Unreviewed
CVE-2023-20246
was published
Nov 1, 2023
An authentication bypass by spoofing of a device with a synthetic IP address is possible in...
Moderate
Unreviewed
CVE-2023-28803
was published
Oct 23, 2023
This Activity Log WordPress plugin before 2.8.8 retrieves client IP addresses from potentially...
Moderate
Unreviewed
CVE-2023-4281
was published
Sep 25, 2023
The DoLogin Security WordPress plugin before 3.7 uses headers such as the X-Forwarded-For to...
Moderate
Unreviewed
CVE-2023-4631
was published
Sep 25, 2023
The User Access Manager WordPress plugin before 2.2.18 prioritizes getting a visitor's IP from...
Moderate
Unreviewed
CVE-2022-1601
was published
Aug 30, 2023
The foundry campaigns service was found to be vulnerable to an unauthenticated information...
Moderate
Unreviewed
CVE-2023-30950
was published
Aug 4, 2023
Microsoft Edge for Android Spoofing Vulnerability
Moderate
Unreviewed
CVE-2023-38173
was published
Jul 21, 2023
ProTip!
Advisories are also available from the
GraphQL API