GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

190 advisories

Filter by severity

Sort by

Least recently updated

When a user loaded a Web Extensions context menu, the Web Extension could access the post... Moderate Unreviewed

CVE-2021-43531 was published Dec 9, 2021

The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently... Moderate Unreviewed

CVE-2021-38507 was published Dec 9, 2021

IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS)... Critical Unreviewed

CVE-2021-39063 was published Dec 14, 2021

glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html... Critical Unreviewed

CVE-2021-44935 was published Dec 15, 2021

In all versions before 7.2.1.4, when proxy settings are configured in the network access resource... Moderate Unreviewed

CVE-2022-23032 was published Jan 26, 2022

Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote... Moderate Unreviewed

CVE-2022-0120 was published Feb 13, 2022

Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a... Moderate Unreviewed

CVE-2022-0111 was published Feb 13, 2022

Inappropriate implementation in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote... Moderate Unreviewed

CVE-2022-0113 was published Feb 13, 2022

Inappropriate implementation in Navigation in Google Chrome prior to 97.0.4692.71 allowed a... Moderate Unreviewed

CVE-2022-0108 was published Feb 13, 2022

The Remote App module in Liferay Portal through v7.4.3.8 and Liferay DXP through v7.4 does not... Moderate Unreviewed

CVE-2022-25146 was published Mar 4, 2022

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue... Moderate Unreviewed

CVE-2022-22594 was published Mar 19, 2022

In Dreamacro 1.1.0, an attacker could embed a malicious iframe in a website with a crafted URL... High Unreviewed

CVE-2020-24772 was published Mar 22, 2022

AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source... High Unreviewed

CVE-2021-32985 was published Apr 5, 2022

In JetBrains IntelliJ IDEA before 2022.1 origin checks in the internal web server were flawed High Unreviewed

CVE-2022-29818 was published Apr 29, 2022

FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which... Moderate Unreviewed

CVE-2003-0981 was published Apr 29, 2022

Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a... Moderate Unreviewed

CVE-1999-1549 was published Apr 30, 2022

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000,... High Unreviewed

CVE-2000-1218 was published Apr 30, 2022

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received... Moderate Unreviewed

CVE-2001-1452 was published Apr 30, 2022

Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that... Moderate Unreviewed

CVE-2005-0877 was published May 1, 2022

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which... High Unreviewed

CVE-2009-1185 was published May 2, 2022

An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware... High Unreviewed

CVE-2018-3834 was published May 13, 2022

Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a... Moderate Unreviewed

CVE-2019-5773 was published May 13, 2022

For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially... Moderate Unreviewed

CVE-2017-5646 was published May 13, 2022

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of... High Unreviewed

CVE-2018-4319 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of... Moderate Unreviewed

CVE-2018-8112 was published May 13, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

190 advisories