GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
309 advisories
Filter by severity
Windows Kerberos Security Feature Bypass Vulnerability
Critical
Unreviewed
CVE-2024-20674
was published
Jan 9, 2024
A low severity vulnerability in BIPS has been identified where an attacker with high privileges...
Low
Unreviewed
CVE-2024-5812
was published
Jun 11, 2024
Multiple products that implement the IP Encapsulation within IP standard (RFC 2003, STD 1)...
Moderate
Unreviewed
CVE-2020-10136
was published
May 24, 2022
WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 3 of 5).
Moderate
Unreviewed
CVE-2022-38164
was published
Nov 8, 2022
Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a...
Moderate
Unreviewed
CVE-2024-3843
was published
Apr 17, 2024
cdbattags lua-resty-jwt 0.2.3 allows attackers to bypass all JWT-parsing signature checks by...
High
Unreviewed
CVE-2024-33531
was published
Apr 24, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability
Moderate
Unreviewed
CVE-2024-30058
was published
Jun 13, 2024
Security check loophole in HAProxy release (in combination with routing release) in Cloud Foundry...
Critical
Unreviewed
CVE-2024-37082
was published
Jul 3, 2024
Jenkins Script Security Plugin sandbox bypass vulnerability
High
CVE-2024-34145
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 2, 2024
Certain http endpoints of Checkmk in Checkmk < 2.3.0p10 < 2.2.0p31, < 2.1.0p46, <= 2.0.0p39...
Moderate
Unreviewed
CVE-2024-6163
was published
Jul 8, 2024
Authentication Bypass by Spoofing vulnerability in Patreon Patreon WordPress allows Functionality...
Moderate
Unreviewed
CVE-2024-37430
was published
Jul 9, 2024
Microsoft Outlook for Mac Spoofing Vulnerability.
High
Unreviewed
CVE-2022-44713
was published
Dec 13, 2022
An issue was discovered in WUZHICMS version 4.1.0, allows an attacker to execute arbitrary code...
Moderate
Unreviewed
CVE-2024-31008
was published
Apr 3, 2024
An issue in Typora v.1.8.10 and before, allows a local attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2024-31784
was published
Apr 16, 2024
Skype for Business and Lync Spoofing Vulnerability.
Moderate
Unreviewed
CVE-2022-26910
was published
Apr 16, 2022
The CloudStack SAML authentication (disabled by default) does not enforce signature check. In...
High
Unreviewed
CVE-2024-41107
was published
Jul 19, 2024
An IP Spoofing vulnerability has been discovered in Likeshop up to 2.5.7.20210811. This issue...
Moderate
Unreviewed
CVE-2024-41432
was published
Aug 7, 2024
PingOne MFA Integration Kit contains a vulnerability related to the Prompt Users to Set Up MFA...
High
Unreviewed
CVE-2023-40356
was published
Jul 9, 2024
PingOne MFA Integration Kit contains a vulnerability where the skipMFA action can be configured...
High
Unreviewed
CVE-2023-40702
was published
Jul 9, 2024
python-jwt vulnerable to token forgery with new claims
Critical
CVE-2022-39227
was published
for
python-jwt
(pip)
Sep 21, 2022
Apache SeaTunnel Web Authentication vulnerability
High
CVE-2023-48396
was published
for
org.apache.seatunnel:seatunnel-web
(Maven)
Jul 30, 2024
A flaw was found in OpenShift's Telemeter. If certain conditions are in place, an attacker can...
High
Unreviewed
CVE-2024-5037
was published
Jun 5, 2024
Typecho v1.3.0 was discovered to contain a Client IP Spoofing vulnerability, which allows...
Moderate
Unreviewed
CVE-2024-35538
was published
Aug 19, 2024
Typecho v1.3.0 was discovered to contain a race condition vulnerability in the post commenting...
Moderate
Unreviewed
CVE-2024-35539
was published
Aug 19, 2024
In WS_FTP Server versions before 8.8.8 (2022.0.8), a Missing Critical Step in Multi-Factor...
Moderate
Unreviewed
CVE-2024-7745
was published
Aug 28, 2024
ProTip!
Advisories are also available from the
GraphQL API