GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,279
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,421
Pub: 12
RubyGems: 891
Rust: 873
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
206 advisories

A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests...
Moderate | Unreviewed | CVE-2024-56170 was published Dec 18, 2024

There is an insufficient input verification vulnerability in Huawei product. Successful...
High | Unreviewed | CVE-2022-32144 was published Dec 20, 2024

A cookie management issue was addressed with improved state management. This issue is fixed in...
Moderate | Unreviewed | CVE-2024-44212 was published Dec 12, 2024

This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2....
Moderate | Unreviewed | CVE-2024-54490 was published Dec 12, 2024

An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows...
Critical | Unreviewed | CVE-2023-29711 was published Jun 22, 2023

In Siglent SDS 1104X-E SDS1xx4X-E_V6.1.37R9.ADS, insecure SCPI interface discloses web password.
Critical | Unreviewed | CVE-2023-25366 was published Jun 16, 2023

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a...
High | Unreviewed | CVE-2023-25188 was published Jun 16, 2023

An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks...
Moderate | Unreviewed | CVE-2024-0009 was published Feb 14, 2024

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and...
Moderate | Unreviewed | CVE-2022-46718 was published Jun 23, 2023

This issue was addressed with improved redaction of sensitive information. This issue is fixed in...
Moderate | Unreviewed | CVE-2023-28191 was published Jun 23, 2023

This issue was addressed with improved checks to prevent unauthorized actions. This issue is...
Moderate | Unreviewed | CVE-2022-42860 was published Jun 23, 2023

MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking.
Moderate | Unreviewed | CVE-2024-45495 was published Nov 29, 2024

An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could...
Moderate | Unreviewed | CVE-2023-32553 was published Jun 27, 2023

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an...
High | Unreviewed | CVE-2023-32223 was published Jun 28, 2023

An issue in Instrument Cluster KIA Seltos Software v1.0, Hardware v1.0 allows attackers to cause...
Moderate | Unreviewed | CVE-2024-51072 was published Nov 22, 2024

The Kossy module before 0.60 for Perl allows JSON hijacking because of X-Requested-With mishandling.
Critical | Unreviewed | CVE-2021-47157 was published Mar 18, 2024

lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain...
High | Unreviewed | CVE-2024-50654 was published Nov 15, 2024

Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control...
High | Unreviewed | CVE-2024-10534 was published Nov 15, 2024

An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information...
Moderate | Unreviewed | CVE-2024-51037 was published Nov 15, 2024

The origin of an external protocol handler prompt could have been obscured using a data: URL...
Moderate | Unreviewed | CVE-2024-10460 was published Oct 29, 2024

An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under...
High | Unreviewed | CVE-2024-9393 was published Oct 1, 2024

Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed...
Moderate | Unreviewed | CVE-2024-7978 was published Aug 21, 2024

Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed...
Moderate | Unreviewed | CVE-2022-4917 was published Jul 29, 2023

A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal...
High | Unreviewed | CVE-2024-6674 was published Oct 29, 2024

An attacker could have abused XSLT error handling to associate attacker-controlled content with...
Moderate | Unreviewed | CVE-2022-38472 was published Dec 22, 2022

ProTip! Advisories are also available from the GraphQL API.