GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
309 advisories
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions...
Moderate | Unreviewed | CVE-2023-2001 was published Jun 7, 2023

IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction...
Moderate | Unreviewed | CVE-2022-22364 was published May 3, 2024

Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83...
Moderate | Unreviewed | CVE-2025-0435 was published Jan 15, 2025

Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a...
Moderate | Unreviewed | CVE-2025-0439 was published Jan 15, 2025

Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a...
Moderate | Unreviewed | CVE-2025-0446 was published Jan 15, 2025

Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83...
Moderate | Unreviewed | CVE-2025-0440 was published Jan 15, 2025

Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote...
Moderate | Unreviewed | CVE-2025-0442 was published Jan 15, 2025

In JetBrains YouTrack before 2024.3.55417 account takeover was possible via spoofed email and...
High | Unreviewed | CVE-2025-24458 was published Jan 21, 2025

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it...
Critical | Unreviewed | CVE-2024-29006 was published Apr 4, 2024

Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity...
Moderate | Unreviewed | CVE-2025-24628 was published Jan 27, 2025

Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing
Moderate | CVE-2024-23953 was published for org.apache.hive:hive-llap-common (Maven) Jan 28, 2025

Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to...
Critical | Unreviewed | CVE-2025-21415 was published Jan 30, 2025

In JetBrains YouTrack before 2024.3.52635 potential spoofing attack was possible via lack of...
Low | Unreviewed | CVE-2024-54158 was published Dec 4, 2024

A missing delay in popup notifications could have made it possible for an attacker to trick a...
High | Unreviewed | CVE-2023-32207 was published Jun 2, 2023

The device ID is based on IMEI in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1...
Moderate | Unreviewed | CVE-2024-36557 was published Feb 6, 2025

Authentication Bypass by Spoofing in OPC UA .NET Standard Stack
Moderate | CVE-2024-42513 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Feb 10, 2025

Apache Zeppelin: Replacing other users notebook, bypassing any permissions
Moderate | CVE-2024-31863 was published for org.apache.zeppelin:zeppelin-server (Maven) Apr 9, 2024

The WPGateway Plugin for WordPress is vulnerable to privilege escalation in versions up to, and...
Critical | Unreviewed | CVE-2022-3180 was published Feb 12, 2025

Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote...
Critical | Unreviewed | CVE-2023-31424 was published Aug 31, 2023

AMI SPx contains a vulnerability in BMC where a User may cause an authentication bypass by...
High | Unreviewed | CVE-2023-34329 was published Jul 18, 2023

Apache HugeGraph-Server: Bypass whitelist in Auth mode
High | CVE-2024-27349 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024

Grafana vulnerable to Authentication Bypass by Spoofing
Critical | CVE-2023-3128 was published for github.com/grafana/grafana (Go) Jun 22, 2023

ProTip! Advisories are also available from the GraphQL API.