GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
115 advisories
Filter by severity
The Zscaler Client Connector for macOS prior to 3.6 did not sufficiently validate RPC clients. A...
Moderate
Unreviewed
CVE-2021-26737
was published
Oct 23, 2023
The Vue.js Devtools extension was found to leak screenshot data back to a malicious web page via...
Moderate
Unreviewed
CVE-2023-5718
was published
Oct 23, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44189
was published
Oct 12, 2023
An Origin Validation vulnerability in MAC address validation of Juniper Networks Junos OS...
Moderate
Unreviewed
CVE-2023-44190
was published
Oct 12, 2023
Offscreen Canvas did not properly track cross-origin tainting, which could have been used to...
Moderate
Unreviewed
CVE-2023-4045
was published
Aug 1, 2023
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed...
Moderate
Unreviewed
CVE-2022-4917
was published
Jul 29, 2023
A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the...
Moderate
Unreviewed
CVE-2023-30949
was published
Jul 26, 2023
In notification access permission dialog box, malicious application can embedded a very long...
Moderate
Unreviewed
CVE-2023-21260
was published
Jul 13, 2023
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could...
Moderate
Unreviewed
CVE-2023-32553
was published
Jun 27, 2023
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and...
Moderate
Unreviewed
CVE-2022-46718
was published
Jun 23, 2023
This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
Moderate
Unreviewed
CVE-2022-42860
was published
Jun 23, 2023
This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Moderate
Unreviewed
CVE-2023-28191
was published
Jun 23, 2023
The underlying feedback mechanism of
Rockwell Automation's FactoryTalk System Services that...
Moderate
Unreviewed
CVE-2023-2639
was published
Jun 13, 2023
Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab...
Moderate
Unreviewed
CVE-2023-23601
was published
Jun 2, 2023
Missing Origin Validation in WebSockets vulnerability in CBOT Chatbot allows Content Spoofing Via...
Moderate
Unreviewed
CVE-2023-2886
was published
May 25, 2023
A CORS Misconfiguration in the web-based management allows a malicious third party webserver to...
Moderate
Unreviewed
CVE-2022-45139
was published
Feb 27, 2023
An attacker could have abused XSLT error handling to associate attacker-controlled content with...
Moderate
Unreviewed
CVE-2022-38472
was published
Dec 22, 2022
IBM Robotic Process Automation 21.0.0, 21.0.1, 21.0.2, 21.0.3, and 21.0.4 is vulnerable to cross...
Moderate
Unreviewed
CVE-2022-41294
was published
Oct 6, 2022
An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could...
Moderate
Unreviewed
CVE-2022-40140
was published
Sep 20, 2022
Inappropriate implementation in Input in Google Chrome prior to 101.0.4951.41 allowed a remote...
Moderate
Unreviewed
CVE-2022-1497
was published
Jul 27, 2022
The authentication mechanism used by voters to activate a voting session on the tested version of...
Moderate
Unreviewed
CVE-2022-1747
was published
Jun 25, 2022
A vulnerability has been identified in SICAM GridEdge Essential ARM (All versions < V2.6.6),...
Moderate
Unreviewed
CVE-2022-30228
was published
Jun 15, 2022
A security feature bypass vulnerability exists when Microsoft Edge improperly handles extension...
Moderate
Unreviewed
CVE-2019-1413
was published
May 24, 2022
Through use of reportValidity() and window.open(), a plain-text validation message could have...
Moderate
Unreviewed
CVE-2021-38497
was published
May 24, 2022
Inappropriate implementation in Compositing in Google Chrome on Android prior to 94.0.4606.54...
Moderate
Unreviewed
CVE-2021-37966
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API