GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
232 advisories
Filter by severity
While copying individual autoupdater log files, reparse point check was missing which could...
High
Unreviewed
CVE-2024-23458
was published
Aug 6, 2024
Flowise Cors Misconfiguration in packages/server/src/index.ts
High
CVE-2024-36421
was published
for
flowise
(npm)
Aug 5, 2024
There is a permissions and access control vulnerability in ZXCLOUD IRAI.An attacker can elevate...
Moderate
Unreviewed
CVE-2024-22062
was published
Jul 9, 2024
Origin Validation Error in GitHub repository stitionai/devika prior to -.
High
Unreviewed
CVE-2024-5549
was published
Jul 9, 2024
Classic builder cache poisoning
Moderate
CVE-2024-24557
was published
for
github.com/docker/docker
(Go)
Feb 1, 2024
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local...
High
Unreviewed
CVE-2024-36302
was published
Jun 11, 2024
Brocade
Web Interface in Brocade Fabric OS v9.x and before v9.2.0 does not
properly represent...
Moderate
Unreviewed
CVE-2023-5973
was published
Apr 5, 2024
Lack of validation of origin in federation API in Conduit, allowing any remote server to...
Moderate
Unreviewed
CVE-2024-6301
was published
Jun 25, 2024
Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS
High
CVE-2024-1249
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to...
Moderate
Unreviewed
CVE-2023-30996
was published
Feb 26, 2024
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between...
Moderate
Unreviewed
CVE-2024-2182
was published
Mar 12, 2024
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker...
High
Unreviewed
CVE-2023-40547
was published
Jan 25, 2024
github.com/gofiber/fiber/v2 vulnerable to Origin Validation Error
Moderate
CVE-2018-20744
was published
for
github.com/gofiber/fiber/v2
(Go)
May 14, 2022
Cross-site WebSocket hijacking vulnerability in the Jenkins CLI
High
CVE-2024-23898
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Jan 24, 2024
An origin validation vulnerability exists in
BIG-IP APM browser network access VPN client
...
High
Unreviewed
CVE-2024-28883
was published
May 8, 2024
A vulnerability exists in the too permissive HTTP response header web server settings of the...
High
Unreviewed
CVE-2024-2377
was published
Apr 30, 2024
Keycloak path traversal vulnerability in the redirect validation
High
CVE-2024-2419
was published
for
org.keycloak:keycloak-services
(Maven)
Apr 17, 2024
The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and...
Critical
Unreviewed
CVE-2018-5409
was published
May 24, 2022
An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker...
High
Unreviewed
CVE-2023-28349
was published
May 31, 2023
Phoenix before 1.6.14 mishandles check_origin wildcarding
High
CVE-2022-42975
was published
for
phoenix
(Erlang)
Oct 17, 2022
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via...
Moderate
Unreviewed
CVE-2023-5718
was published
Oct 23, 2023
Origin Validation Error vulnerability in Zscaler Client Connector on Linux allows Inclusion of...
High
Unreviewed
CVE-2023-28795
was published
Oct 23, 2023
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A...
Moderate
Unreviewed
CVE-2021-26737
was published
Oct 23, 2023
The Zscaler Client Connector Installer and Unsintallers for Windows prior to 3.6 had an unquoted...
High
Unreviewed
CVE-2021-26735
was published
Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44190
was published
Oct 12, 2023
ProTip!
Advisories are also available from the
GraphQL API