GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
119 advisories
Filter by severity
An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information...
Moderate
Unreviewed
CVE-2024-51037
was published
Nov 15, 2024
The origin of an external protocol handler prompt could have been obscured using a data: URL...
Moderate
Unreviewed
CVE-2024-10460
was published
Oct 29, 2024
Gradio's CORS origin validation accepts the null origin
Moderate
CVE-2024-47165
was published
for
gradio
(pip)
Oct 10, 2024
A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Moderate
Unreviewed
CVE-2024-44187
was published
Sep 17, 2024
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed...
Moderate
Unreviewed
CVE-2024-7978
was published
Aug 21, 2024
Mattermost allows remote actor to set arbitrary RemoteId values for synced users
Moderate
CVE-2024-41926
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Aug 1, 2024
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate...
Moderate
Unreviewed
CVE-2024-22062
was published
Jul 9, 2024
Lack of validation of origin in federation API in Conduit, allowing any remote server to...
Moderate
Unreviewed
CVE-2024-6301
was published
Jun 25, 2024
Brocade
Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not
properly represent...
Moderate
Unreviewed
CVE-2023-5973
was published
Apr 5, 2024
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between...
Moderate
Unreviewed
CVE-2024-2182
was published
Mar 12, 2024
An unauthenticated remote attacker can perform a remote code execution due to an origin...
Moderate
Unreviewed
CVE-2024-25996
was published
Mar 12, 2024
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to...
Moderate
Unreviewed
CVE-2023-30996
was published
Feb 26, 2024
An unauthenticated attacker can send a ping request from one network to another through an error...
Moderate
Unreviewed
CVE-2024-24782
was published
Feb 13, 2024
Classic builder cache poisoning
Moderate
CVE-2024-24557
was published
for
github.com/docker/docker
(Go)
Feb 1, 2024
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote...
Moderate
Unreviewed
CVE-2024-0814
was published
Jan 24, 2024
A phishing site could have repurposed an `about:` dialog to show phishing content with an...
Moderate
Unreviewed
CVE-2024-0749
was published
Jan 23, 2024
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA)...
Moderate
Unreviewed
CVE-2023-20275
was published
Dec 12, 2023
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Privilege Abuse...
Moderate
Unreviewed
CVE-2023-28794
was published
Nov 6, 2023
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a...
Moderate
Unreviewed
CVE-2023-5859
was published
Nov 1, 2023
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote...
Moderate
Unreviewed
CVE-2023-5853
was published
Nov 1, 2023
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed...
Moderate
Unreviewed
CVE-2023-5858
was published
Nov 1, 2023
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a...
Moderate
Unreviewed
CVE-2023-5851
was published
Nov 1, 2023
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A...
Moderate
Unreviewed
CVE-2021-26737
was published
Oct 23, 2023
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via...
Moderate
Unreviewed
CVE-2023-5718
was published
Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44190
was published
Oct 12, 2023
ProTip!
Advisories are also available from the
GraphQL API