GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,259
Composer 4,354
Erlang 31
GitHub Actions 22
Go 2,120
Maven 5,293
npm 3,779
NuGet 681
pip 3,460
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,852

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

25 advisories

Filter by severity

Sort by

Least recently updated

Microsoft Edge (Chromium-based) Spoofing Vulnerability Moderate Unreviewed

CVE-2025-21267 was published Feb 7, 2025

An improper neutralization of special elements in output used by a downstream component (... Moderate Unreviewed

CVE-2024-33510 was published Nov 12, 2024

Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote... Moderate Unreviewed

CVE-2024-5500 was published Jul 17, 2024

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a... Moderate Unreviewed

CVE-2024-3844 was published Apr 17, 2024

Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an... Moderate Unreviewed

CVE-2024-3838 was published Apr 17, 2024

An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint... Moderate Unreviewed

CVE-2024-23592 was published Apr 5, 2024

Zoom for Windows clients prior to 5.14.0 contain an improper restriction of operations within the... Moderate Unreviewed

CVE-2023-28601 was published Jun 13, 2023

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address... Moderate Unreviewed

CVE-2021-34790 was published May 24, 2022

Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address... Moderate Unreviewed

CVE-2021-34791 was published May 24, 2022

It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in... Moderate Unreviewed

CVE-2020-10743 was published May 24, 2022

A flaw was found in the OpenShift web console, where the access token is stored in the browser's... Moderate Unreviewed

CVE-2020-1761 was published May 24, 2022

A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for... Moderate Unreviewed

CVE-2021-3448 was published May 24, 2022

A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check... Moderate Unreviewed

CVE-2020-25686 was published May 24, 2022

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed

CVE-2020-25685 was published May 24, 2022

A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query,... Moderate Unreviewed

CVE-2020-25684 was published May 24, 2022

cPanel before 70.0.23 does not prevent e-mail account suspensions from being applied to unowned... Moderate Unreviewed

CVE-2018-20934 was published May 24, 2022

Curam Universal Access in IBM Curam Social Program Management (SPM) 6.0 SP2 before EP26, 6.0.4... Moderate Unreviewed

CVE-2014-4843 was published May 17, 2022

Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory... Moderate Unreviewed

CVE-2017-8152 was published May 17, 2022

Inconsistent documentation in Apache Tomcat Moderate

CVE-2017-15706 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022

It was found that Diffie Hellman Client key exchange handling in NSS 3.21.x was vulnerable to... Moderate Unreviewed

CVE-2016-8635 was published May 13, 2022

A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS... Moderate Unreviewed

CVE-2017-12303 was published May 13, 2022

A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus... Moderate Unreviewed

CVE-2017-6032 was published May 13, 2022

Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad... Moderate Unreviewed

CVE-2018-16857 was published May 13, 2022

A vulnerability has been identified in RUGGEDCOM ROS M2100 (All versions < V5.6.0), RUGGEDCOM ROS... Moderate Unreviewed

CVE-2021-42017 was published Mar 9, 2022

In marshmallow library the schema "only" option treats an empty list as implying no "only" option Moderate

CVE-2018-17175 was published for marshmallow (pip) Oct 10, 2018

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

25 advisories