GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
120 advisories
Filter by severity
Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote...
Moderate
Unreviewed
CVE-2021-21209
was published
May 24, 2022
An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS...
Moderate
Unreviewed
CVE-2021-28048
was published
May 24, 2022
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate...
Moderate
Unreviewed
CVE-2020-15734
was published
May 24, 2022
A malicious extension with the 'search' permission could have installed a new search engine whose...
Moderate
Unreviewed
CVE-2021-23986
was published
May 24, 2022
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21183
was published
May 24, 2022
Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21184
was published
May 24, 2022
Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a...
Moderate
Unreviewed
CVE-2021-21175
was published
May 24, 2022
Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72...
Moderate
Unreviewed
CVE-2021-21164
was published
May 24, 2022
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed...
Moderate
Unreviewed
CVE-2021-21163
was published
May 24, 2022
A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches...
Moderate
Unreviewed
CVE-2021-1231
was published
May 24, 2022
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96...
Moderate
Unreviewed
CVE-2021-21136
was published
May 24, 2022
Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a...
Moderate
Unreviewed
CVE-2021-21135
was published
May 24, 2022
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus...
Moderate
Unreviewed
CVE-2020-15733
was published
May 24, 2022
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2019-8754
was published
May 24, 2022
When a link to an external protocol was clicked, a prompt was presented that allowed the user to...
Moderate
Unreviewed
CVE-2020-15682
was published
May 24, 2022
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the...
Moderate
Unreviewed
CVE-2020-15652
was published
May 24, 2022
Temi firmware 20190419.165201 does not properly verify that the source of data or communication...
Moderate
Unreviewed
CVE-2020-16168
was published
May 24, 2022
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the...
Moderate
Unreviewed
CVE-2020-12397
was published
May 24, 2022
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block...
Moderate
Unreviewed
CVE-2020-11868
was published
May 24, 2022
If two same-origin documents set document.domain differently to become cross-origin, it was...
Moderate
Unreviewed
CVE-2019-11762
was published
May 24, 2022
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for...
Moderate
Unreviewed
CVE-2019-5062
was published
May 24, 2022
Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker...
Moderate
Unreviewed
CVE-2019-13740
was published
May 24, 2022
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection...
Moderate
Unreviewed
CVE-2019-16275
was published
May 24, 2022
Images from a different domain can be read using a canvas object in some circumstances. This...
Moderate
Unreviewed
CVE-2019-9817
was published
May 24, 2022
Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote...
Moderate
Unreviewed
CVE-2019-5834
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API