Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,802
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

165 advisories

Loading
Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The... Moderate Unreviewed
CVE-2020-6158 was published Feb 21, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Night Club Booking... Moderate Unreviewed
CVE-2023-51321 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software... Moderate Unreviewed
CVE-2023-51327 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Shared Asset Booking... Moderate Unreviewed
CVE-2023-51323 was published Feb 20, 2025
A lack of rate limiting in the 'Forgot Password' feature of PHPJabbers Cleaning Business Software... Moderate Unreviewed
CVE-2023-51326 was published Feb 20, 2025
Authentication bypass by spoofing issue exists in FileMegane versions above 1.0.0.0 prior to 3.4... Moderate Unreviewed
CVE-2025-25055 was published Feb 18, 2025
Apache Zeppelin: Replacing other users notebook, bypassing any permissions Moderate
CVE-2024-31863 was published for org.apache.zeppelin:zeppelin-server (Maven) Apr 9, 2024
Authentication Bypass by Spoofing in OPC UA .NET Standard Stack Moderate
CVE-2024-42513 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Feb 10, 2025
The device ID is based on IMEI in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1... Moderate Unreviewed
CVE-2024-36557 was published Feb 6, 2025
Apache Hive vulnerable to Observable Timing Discrepancy and Authentication Bypass by Spoofing Moderate
CVE-2024-23953 was published for org.apache.hive:hive-llap-common (Maven) Jan 28, 2025
Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity... Moderate Unreviewed
CVE-2025-24628 was published Jan 27, 2025
Inappropriate implementation in Extensions in Google Chrome prior to 132.0.6834.83 allowed a... Moderate Unreviewed
CVE-2025-0446 was published Jan 15, 2025
Inappropriate implementation in Fullscreen in Google Chrome on Windows prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0440 was published Jan 15, 2025
Inappropriate implementation in Payments in Google Chrome prior to 132.0.6834.83 allowed a remote... Moderate Unreviewed
CVE-2025-0442 was published Jan 15, 2025
Race in Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker who convinced a... Moderate Unreviewed
CVE-2025-0439 was published Jan 15, 2025
Inappropriate implementation in Navigation in Google Chrome on Android prior to 132.0.6834.83... Moderate Unreviewed
CVE-2025-0435 was published Jan 15, 2025
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 is vulnerable to external service interaction... Moderate Unreviewed
CVE-2022-22364 was published May 3, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 15.10.8, all versions... Moderate Unreviewed
CVE-2023-2001 was published Jun 7, 2023
Windows NTLM Spoofing Vulnerability. Moderate Unreviewed
CVE-2022-35770 was published Oct 12, 2022
An IDOR vulnerability in the manage-notes.php module in PHPGurukul Online Notes Sharing... Moderate Unreviewed
CVE-2024-55232 was published Dec 19, 2024
Vulnerability of HwWatchHealth being hijacked.Successful exploitation of this vulnerability may... Moderate Unreviewed
CVE-2023-34157 was published Jun 16, 2023
Authentication Bypass by Spoofing vulnerability in Michal Novák Secure Admin IP allows... Moderate Unreviewed
CVE-2023-41133 was published Dec 13, 2024
PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a... Moderate Unreviewed
CVE-2023-27199 was published Jul 5, 2023
An attacker could cause a select dropdown to be shown over another tab; this could have led to... Moderate Unreviewed
CVE-2024-11692 was published Nov 26, 2024
The incorrect domain may have been displayed in the address bar during an interrupted navigation... Moderate Unreviewed
CVE-2024-11701 was published Nov 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database