GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
An improper neutralization of special elements in output used by a downstream component (...
Moderate
Unreviewed
CVE-2024-33510
was published
Nov 12, 2024
In wifi_item_edit_content of styles.xml , there is a possible FRP bypass due to Missing check for...
High
Unreviewed
CVE-2024-40650
was published
Sep 11, 2024
An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web...
Low
Unreviewed
CVE-2024-36511
was published
Sep 10, 2024
Inappropriate implementation in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote...
High
Unreviewed
CVE-2024-7965
was published
Aug 21, 2024
A vulnerability has been identified in SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) (All versions ...
Low
Unreviewed
CVE-2024-41907
was published
Aug 13, 2024
Inappropriate implementation in Fullscreen in Google Chrome on Android prior to 127.0.6533.72...
Critical
Unreviewed
CVE-2024-6995
was published
Aug 6, 2024
Inappropriate implementation in FedCM in Google Chrome prior to 127.0.6533.72 allowed a remote...
Critical
Unreviewed
CVE-2024-7003
was published
Aug 6, 2024
Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote...
Moderate
Unreviewed
CVE-2024-5500
was published
Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote...
High
Unreviewed
CVE-2024-6773
was published
Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote...
High
Unreviewed
CVE-2024-6772
was published
Jul 17, 2024
Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote...
High
Unreviewed
CVE-2024-6101
was published
Jun 20, 2024
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5. An app...
High
Unreviewed
CVE-2024-27842
was published
May 14, 2024
A vulnerability exists in the RTU500 that allows for authenticated and authorized users to...
High
Unreviewed
CVE-2024-2617
was published
Apr 30, 2024
Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a...
Moderate
Unreviewed
CVE-2024-3844
was published
Apr 17, 2024
Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an...
Moderate
Unreviewed
CVE-2024-3838
was published
Apr 17, 2024
An issue in Weave Weave Desktop v.7.78.10 allows a local attacker to execute arbitrary code via a...
High
Unreviewed
CVE-2024-25545
was published
Apr 12, 2024
An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint...
Moderate
Unreviewed
CVE-2024-23592
was published
Apr 5, 2024
Inappropriate implementation in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote...
High
Unreviewed
CVE-2024-2174
was published
Mar 6, 2024
RPyC's missing security check results in code execution when using numpy.array on the server-side.
High
CVE-2024-27758
was published
for
rpyc
(pip)
Mar 6, 2024
Java: DoS Vulnerability in JSON-JAVA
High
CVE-2023-5072
was published
for
org.json:json
(Maven)
Nov 14, 2023
vantage6-server node accepts non-whitelisted algorithms from malicious server
High
CVE-2023-47631
was published
for
vantage6-server
(pip)
Nov 14, 2023
The issue was addressed with improved UI handling. This issue is fixed in iOS 17.1 and iPadOS 17...
High
Unreviewed
CVE-2023-40445
was published
Oct 25, 2023
A non-feature complete authentication mechanism exists in the production application allowing an...
Critical
Unreviewed
CVE-2023-3266
was published
Aug 14, 2023
Parameter verification vulnerability in the installd module. Successful exploitation of this...
Critical
Unreviewed
CVE-2023-39403
was published
Aug 13, 2023
Client Spoofing within the Keycloak Device Authorisation Grant
Low
CVE-2023-2585
was published
for
org.keycloak:keycloak-server-spi-private
(Maven)
Jun 30, 2023
ProTip!
Advisories are also available from the
GraphQL API