GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local...
High
Unreviewed
CVE-2023-47194
was published
Jan 23, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local...
High
Unreviewed
CVE-2023-47197
was published
Jan 23, 2024
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of...
High
Unreviewed
CVE-2023-28795
was published
Oct 23, 2023
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted...
High
Unreviewed
CVE-2021-26735
was published
Oct 23, 2023
Movim prior to version 0.22 is affected by a Cross-Site WebSocket Hijacking vulnerability. This...
High
Unreviewed
CVE-2023-2848
was published
Sep 14, 2023
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The...
High
Unreviewed
CVE-2023-29505
was published
Aug 4, 2023
Mattermost fails to properly validate the origin of a websocket connection allowing a MITM...
High
Unreviewed
CVE-2023-3581
was published
Jul 17, 2023
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker...
High
Unreviewed
CVE-2023-28349
was published
May 31, 2023
A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking...
High
Unreviewed
CVE-2022-42927
was published
Dec 22, 2022
Phoenix before 1.6.14 mishandles check_origin wildcarding
High
CVE-2022-42975
was published
for
phoenix
(Erlang)
Oct 17, 2022
An origin validation error vulnerability in Trend Micro Apex One agents could allow a local...
High
Unreviewed
CVE-2022-41749
was published
Oct 11, 2022
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause...
High
Unreviewed
CVE-2022-26137
was published
Jul 21, 2022
Origin validation error vulnerability in NeoRS’s ActiveX moudle allows attackers to download and...
High
Unreviewed
CVE-2022-23763
was published
Jun 29, 2022
Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and addresss bar...
High
Unreviewed
CVE-2020-27969
was published
May 24, 2022
In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur.
High
Unreviewed
CVE-2021-39270
was published
May 24, 2022
The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server ...
High
Unreviewed
CVE-2021-31718
was published
May 24, 2022
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the...
High
Unreviewed
CVE-2020-35556
was published
May 24, 2022
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write...
High
Unreviewed
CVE-2021-27197
was published
May 24, 2022
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused...
High
Unreviewed
CVE-2020-4881
was published
May 24, 2022
ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the...
High
Unreviewed
CVE-2020-6881
was published
May 24, 2022
A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7...
High
Unreviewed
CVE-2020-3864
was published
May 24, 2022
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and...
High
Unreviewed
CVE-2020-9903
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-16952
was published
May 24, 2022
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High
Unreviewed
CVE-2020-16951
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API