GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,730
Composer 4,237
Erlang 31
GitHub Actions 21
Go 2,003
Maven 5,193
npm 3,716
NuGet 661
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,684

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

119 advisories

Filter by severity

Sort by

Least recently updated

An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS... Moderate Unreviewed

CVE-2021-28048 was published May 24, 2022

An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate... Moderate Unreviewed

CVE-2020-15734 was published May 24, 2022

A malicious extension with the 'search' permission could have installed a new search engine whose... Moderate Unreviewed

CVE-2021-23986 was published May 24, 2022

Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21183 was published May 24, 2022

Inappropriate implementation in performance APIs in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21184 was published May 24, 2022

Inappropriate implementation in Site isolation in Google Chrome prior to 89.0.4389.72 allowed a... Moderate Unreviewed

CVE-2021-21175 was published May 24, 2022

Insufficient data validation in Chrome on iOS in Google Chrome on iOS prior to 89.0.4389.72... Moderate Unreviewed

CVE-2021-21164 was published May 24, 2022

Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed... Moderate Unreviewed

CVE-2021-21163 was published May 24, 2022

A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches... Moderate Unreviewed

CVE-2021-1231 was published May 24, 2022

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 88.0.4324.96... Moderate Unreviewed

CVE-2021-21136 was published May 24, 2022

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed a... Moderate Unreviewed

CVE-2021-21135 was published May 24, 2022

An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus... Moderate Unreviewed

CVE-2020-15733 was published May 24, 2022

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of... Moderate Unreviewed

CVE-2019-8754 was published May 24, 2022

When a link to an external protocol was clicked, a prompt was presented that allowed the user to... Moderate Unreviewed

CVE-2020-15682 was published May 24, 2022

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the... Moderate Unreviewed

CVE-2020-15652 was published May 24, 2022

Temi firmware 20190419.165201 does not properly verify that the source of data or communication... Moderate Unreviewed

CVE-2020-16168 was published May 24, 2022

By encoding Unicode whitespace characters within the From email header, an attacker can spoof the... Moderate Unreviewed

CVE-2020-12397 was published May 24, 2022

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block... Moderate Unreviewed

CVE-2020-11868 was published May 24, 2022

If two same-origin documents set document.domain differently to become cross-origin, it was... Moderate Unreviewed

CVE-2019-11762 was published May 24, 2022

An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for... Moderate Unreviewed

CVE-2019-5062 was published May 24, 2022

Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.79 allowed a remote attacker... Moderate Unreviewed

CVE-2019-13740 was published May 24, 2022

hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection... Moderate Unreviewed

CVE-2019-16275 was published May 24, 2022

Images from a different domain can be read using a canvas object in some circumstances. This... Moderate Unreviewed

CVE-2019-9817 was published May 24, 2022

Insufficient data validation in Blink in Google Chrome prior to 75.0.3770.80 allowed a remote... Moderate Unreviewed

CVE-2019-5834 was published May 24, 2022

Gemalto Admin Control Center, all versions prior to 7.92, uses cleartext HTTP to communicate with... Moderate Unreviewed

CVE-2019-8282 was published May 24, 2022

Previous 1 2 3 4 5 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

119 advisories