GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,237
Erlang: 31
GitHub Actions: 20
Go: 2,000
Maven: 5,000+
npm: 3,711
NuGet: 661
pip: 3,383
Pub: 11
RubyGems: 885
Rust: 849
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
190 advisories

A cross-origin issue in the IndexDB API was addressed with improved input validation. This issue...
Severity: Moderate. Status: Unreviewed. CVE-2022-22594 was published Mar 19, 2022.

In Dreamacro 1.1.0, an attacker could embed a malicious iframe in a website with a crafted URL...
Severity: High. Status: Unreviewed. CVE-2020-24772 was published Mar 22, 2022.

AVEVA System Platform versions 2017 through 2020 R2 P01 does not properly verify that the source...
Severity: High. Status: Unreviewed. CVE-2021-32985 was published Apr 5, 2022.

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking...
Severity: High. Status: Unreviewed. CVE-2022-42927 was published Dec 22, 2022.

An exploitable denial-of-service vulnerability exists in the Weave error reporting functionality...
Severity: High. Status: Unreviewed. CVE-2019-5036 was published May 24, 2022.

The authentication mechanism used by voters to activate a voting session on the tested version of...
Severity: Moderate. Status: Unreviewed. CVE-2022-1747 was published Jun 25, 2022.

A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Severity: Moderate. Status: Unreviewed. CVE-2022-30228 was published Jun 15, 2022.

Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote...
Severity: Moderate. Status: Unreviewed. CVE-2022-1497 was published Jul 27, 2022.

Skia, as used in Google Chrome before 50.0.2661.94, allows remote attackers to bypass the Same...
Severity: High. Status: Unreviewed. CVE-2016-5168 was published May 17, 2022.

Origin validation error vulnerability in NeoRS’s ActiveX module allows attackers to download and...
Severity: High. Status: Unreviewed. CVE-2022-23763 was published Jun 29, 2022.

An issue was discovered in Smiths-Medical CADD-Solis Medication Safety Software, Version 1.0; 2.0...
Severity: High. Status: Unreviewed. CVE-2016-8358 was published May 17, 2022.

Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in...
Severity: High. Status: Unreviewed. CVE-2018-6690 was published May 13, 2022.

Thinfinity VNC v4.0.0.1 contains a Cross-Origin Resource Sharing (CORS) vulnerability which can...
Severity: High. Status: Unreviewed. CVE-2022-25227 was published May 21, 2022.

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with...
Severity: Moderate. Status: Unreviewed. CVE-2019-8282 was published May 24, 2022.

Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote...
Severity: Moderate. Status: Unreviewed. CVE-2019-5834 was published May 24, 2022.

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same...
Severity: High. Status: Unreviewed. CVE-2019-8069 was published May 24, 2022.

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass...
Severity: High. Status: Unreviewed. CVE-2019-8075 was published May 24, 2022.

IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross...
Severity: Moderate. Status: Unreviewed. CVE-2022-41294 was published Oct 6, 2022.

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block...
Severity: Moderate. Status: Unreviewed. CVE-2020-11868 was published May 24, 2022.

The Opportunistic Encryption feature of HTTP2 (RFC 8164) allows a connection to be transparently...
Severity: Moderate. Status: Unreviewed. CVE-2021-38507 was published Dec 9, 2021.

A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches...
Severity: Moderate. Status: Unreviewed. CVE-2021-1231 was published May 24, 2022.

When a link to an external protocol was clicked, a prompt was presented that allowed the user to...
Severity: Moderate. Status: Unreviewed. CVE-2020-15682 was published May 24, 2022.

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of...
Severity: Moderate. Status: Unreviewed. CVE-2019-8754 was published May 24, 2022.

A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7...
Severity: High. Status: Unreviewed. CVE-2020-3864 was published May 24, 2022.

DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write...
Severity: High. Status: Unreviewed. CVE-2021-27197 was published May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.