GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,731
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,004
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,685

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

120 advisories

Filter by severity

Sort by

Least recently updated

A malicious extension with the 'search' permission could have installed a new search engine whose... Moderate Unreviewed

CVE-2021-23986 was published May 24, 2022

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate... Moderate Unreviewed

CVE-2020-15734 was published May 24, 2022

Inappropriate implementation in storage in Google Chrome prior to 90.0.4430.72 allowed a remote... Moderate Unreviewed

CVE-2021-21209 was published May 24, 2022

Inappropriate implementation in Navigation in Google Chrome on iOS prior to 90.0.4430.72 allowed... Moderate Unreviewed

CVE-2021-21211 was published May 24, 2022

Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a... Moderate Unreviewed

CVE-2021-30596 was published May 24, 2022

Incorrect security UI in Web Browser UI in Google Chrome prior to 94.0.4606.54 allowed a remote... Moderate Unreviewed

CVE-2021-37971 was published May 24, 2022

Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54... Moderate Unreviewed

CVE-2021-37966 was published May 24, 2022

Through use of reportValidity() and window.open(), a plain-text validation message could have... Moderate Unreviewed

CVE-2021-38497 was published May 24, 2022

An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could... Moderate Unreviewed

CVE-2022-40140 was published Sep 20, 2022

Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker... Moderate Unreviewed

CVE-2019-13740 was published May 24, 2022

The Remote App module in Liferay Portal through v7.4.3.8 and Liferay DXP through v7.4 does not... Moderate Unreviewed

CVE-2022-25146 was published Mar 4, 2022

Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library Moderate

CVE-2019-11777 was published for org.eclipse.paho:org.eclipse.paho.client.mqttv3 (Maven) Sep 17, 2019

Insufficient origin validation in IndexedDB in Google Chrome prior to 72.0.3626.81 allowed a... Moderate Unreviewed

CVE-2019-5773 was published May 13, 2022

For versions of Apache Knox from 0.2.0 to 0.11.0 - an authenticated user may use a specially... Moderate Unreviewed

CVE-2017-5646 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of... Moderate Unreviewed

CVE-2018-8112 was published May 13, 2022

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of... Moderate Unreviewed

CVE-2018-8235 was published May 13, 2022

When a user loaded a Web Extensions context menu, the Web Extension could access the post... Moderate Unreviewed

CVE-2021-43531 was published Dec 9, 2021

The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla... Moderate Unreviewed

CVE-2014-1502 was published May 13, 2022

Mozilla Firefox before 16.0.1, Firefox ESR 10.x before 10.0.9, Thunderbird before 16.0.1,... Moderate Unreviewed

CVE-2012-4193 was published May 13, 2022

Google Chrome before 17.0.963.83 allows remote attackers to bypass the Same Origin Policy via... Moderate Unreviewed

CVE-2011-3056 was published May 13, 2022

The extension implementation in Google Chrome before 17.0.963.46 does not properly handle... Moderate Unreviewed

CVE-2011-3956 was published May 13, 2022

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via... Moderate Unreviewed

CVE-2011-3067 was published May 13, 2022

Google Chrome before 18.0.1025.151 allows remote attackers to bypass the Same Origin Policy via... Moderate Unreviewed

CVE-2011-3072 was published May 13, 2022

If two same-origin documents set document.domain differently to become cross-origin, it was... Moderate Unreviewed

CVE-2019-11762 was published May 24, 2022

Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and... Moderate Unreviewed

CVE-2017-18016 was published May 13, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

120 advisories