GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
106 advisories
Filter by severity
When a user loaded a Web Extensions context menu, the Web Extension could access the post...
Moderate
Unreviewed
CVE-2021-43531
was published
Dec 9, 2021
The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently...
Moderate
Unreviewed
CVE-2021-38507
was published
Dec 9, 2021
In all versions before 7.2.1.4, when proxy settings are configured in the network access resource...
Moderate
Unreviewed
CVE-2022-23032
was published
Jan 26, 2022
Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote...
Moderate
Unreviewed
CVE-2022-0120
was published
Feb 13, 2022
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a...
Moderate
Unreviewed
CVE-2022-0108
was published
Feb 13, 2022
Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote...
Moderate
Unreviewed
CVE-2022-0113
was published
Feb 13, 2022
Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a...
Moderate
Unreviewed
CVE-2022-0111
was published
Feb 13, 2022
The Remote App module in Liferay Portal through v7.4.3.8 and Liferay DXP through v7.4 does not...
Moderate
Unreviewed
CVE-2022-25146
was published
Mar 4, 2022
A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue...
Moderate
Unreviewed
CVE-2022-22594
was published
Mar 19, 2022
FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which...
Moderate
Unreviewed
CVE-2003-0981
was published
Apr 29, 2022
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a...
Moderate
Unreviewed
CVE-1999-1549
was published
Apr 30, 2022
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received...
Moderate
Unreviewed
CVE-2001-1452
was published
Apr 30, 2022
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that...
Moderate
Unreviewed
CVE-2005-0877
was published
May 1, 2022
Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a...
Moderate
Unreviewed
CVE-2019-5773
was published
May 13, 2022
For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially...
Moderate
Unreviewed
CVE-2017-5646
was published
May 13, 2022
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of...
Moderate
Unreviewed
CVE-2018-8112
was published
May 13, 2022
A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of...
Moderate
Unreviewed
CVE-2018-8235
was published
May 13, 2022
Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1,...
Moderate
Unreviewed
CVE-2012-4193
was published
May 13, 2022
The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla...
Moderate
Unreviewed
CVE-2014-1502
was published
May 13, 2022
The extension implementation in Google Chrome before 17.0.963.46 does not properly handle...
Moderate
Unreviewed
CVE-2011-3956
was published
May 13, 2022
Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via...
Moderate
Unreviewed
CVE-2011-3056
was published
May 13, 2022
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
Moderate
Unreviewed
CVE-2011-3072
was published
May 13, 2022
Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via...
Moderate
Unreviewed
CVE-2011-3067
was published
May 13, 2022
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and...
Moderate
Unreviewed
CVE-2017-18016
was published
May 13, 2022
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows...
Moderate
Unreviewed
CVE-2017-8523
was published
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API