Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,004
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

120 advisories

Loading
A phishing site could have repurposed an `about:` dialog to show phishing content with an... Moderate Unreviewed
CVE-2024-0749 was published Jan 23, 2024
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA)... Moderate Unreviewed
CVE-2023-20275 was published Dec 12, 2023
Incorrect security UI in Payments in Google Chrome prior to 121.0.6167.85 allowed a remote... Moderate Unreviewed
CVE-2024-0814 was published Jan 24, 2024
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a... Moderate Unreviewed
CVE-1999-1549 was published Apr 30, 2022
Dnsmasq before 2.21 allows remote attackers to poison the DNS cache via answers to queries that... Moderate Unreviewed
CVE-2005-0877 was published May 1, 2022
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-5851 was published Nov 1, 2023
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote... Moderate Unreviewed
CVE-2023-5853 was published Nov 1, 2023
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed... Moderate Unreviewed
CVE-2023-5858 was published Nov 1, 2023
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a... Moderate Unreviewed
CVE-2023-5859 was published Nov 1, 2023
An unauthenticated attacker can send a ping request from one network to another through an error... Moderate Unreviewed
CVE-2024-24782 was published Feb 13, 2024
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received... Moderate Unreviewed
CVE-2001-1452 was published Apr 30, 2022
FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which... Moderate Unreviewed
CVE-2003-0981 was published Apr 29, 2022
An unauthenticated remote attacker can perform a remote code execution due to an origin... Moderate Unreviewed
CVE-2024-25996 was published Mar 12, 2024
Cross-origin images can be read in violation of the same-origin policy by exporting an image... Moderate Unreviewed
CVE-2019-9797 was published May 24, 2022
If WebRTC permission is requested from documents with data: or blob: URLs, the permission... Moderate Unreviewed
CVE-2019-9808 was published May 24, 2022
Images from a different domain can be read using a canvas object in some circumstances. This... Moderate Unreviewed
CVE-2019-9817 was published May 24, 2022
hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection... Moderate Unreviewed
CVE-2019-16275 was published May 24, 2022
An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for... Moderate Unreviewed
CVE-2019-5062 was published May 24, 2022
A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension... Moderate Unreviewed
CVE-2019-1413 was published May 24, 2022
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab... Moderate Unreviewed
CVE-2023-23601 was published Jun 2, 2023
The underlying feedback mechanism of Rockwell Automation's FactoryTalk System Services that... Moderate Unreviewed
CVE-2023-2639 was published Jun 13, 2023
In notification access permission dialog box, malicious application can embedded a very long... Moderate Unreviewed
CVE-2023-21260 was published Jul 13, 2023
A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the... Moderate Unreviewed
CVE-2023-30949 was published Jul 26, 2023
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to... Moderate Unreviewed
CVE-2023-4045 was published Aug 1, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS... Moderate Unreviewed
CVE-2023-44189 was published Oct 12, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database