GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
231 advisories
IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS)...
Critical | Unreviewed | CVE-2021-39063 was published Dec 14, 2021
The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3,...
High | Unreviewed | CVE-2014-1487 was published May 13, 2022
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1,...
Moderate | Unreviewed | CVE-2012-4193 was published May 13, 2022
Google V8, as used in Google Chrome before 14.0.835.163, allows remote attackers to bypass the...
High | Unreviewed | CVE-2011-2856 was published May 13, 2022
avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with...
Critical | Unreviewed | CVE-2017-6519 was published May 13, 2022
The extension implementation in Google Chrome before 17.0.963.46 does not properly handle...
Moderate | Unreviewed | CVE-2011-3956 was published May 13, 2022
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via...
Moderate | Unreviewed | CVE-2011-3056 was published May 13, 2022
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
Moderate | Unreviewed | CVE-2011-3072 was published May 13, 2022
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
Moderate | Unreviewed | CVE-2011-3067 was published May 13, 2022
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications...
Critical | Unreviewed | CVE-2018-5400 was published May 13, 2022
If two same-origin documents set document.domain differently to become cross-origin, it was...
Moderate | Unreviewed | CVE-2019-11762 was published May 24, 2022
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and...
Moderate | Unreviewed | CVE-2017-18016 was published May 13, 2022
An origin validation error vulnerability in Trend Micro Apex One agents could allow a local...
High | Unreviewed | CVE-2022-41749 was published Oct 11, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and...
High | Unreviewed | CVE-2020-9903 was published May 24, 2022
An issue was discovered on Accellion FTA devices before FTA_9_12_180. By sending a POST request...
High | Unreviewed | CVE-2017-8793 was published May 13, 2022
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows...
Moderate | Unreviewed | CVE-2017-8530 was published May 13, 2022
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows...
Moderate | Unreviewed | CVE-2017-8523 was published May 13, 2022
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to exploit a security feature...
Moderate | Unreviewed | CVE-2017-8650 was published May 13, 2022
The internal WebBrowserPersist code does not use correct origin context for a resource being...
Moderate | Unreviewed | CVE-2018-12402 was published May 13, 2022
A missing origin check related to HLS manifests in Blink in Google Chrome prior to 69.0.3497.81...
Moderate | Unreviewed | CVE-2018-16072 was published May 13, 2022
The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover...
High | Unreviewed | CVE-2018-6654 was published May 13, 2022
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which...
High | Unreviewed | CVE-2018-6764 was published May 13, 2022
A same-origin policy violation allowing the theft of cross-origin URL entries when using the...
Moderate | Unreviewed | CVE-2018-18494 was published May 14, 2022
A same-origin policy violation allowing the theft of cross-origin URL entries when using a meta...
Moderate | Unreviewed | CVE-2018-18499 was published May 14, 2022
EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates...
High | Unreviewed | CVE-2018-14903 was published May 14, 2022