GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
73 advisories
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The...
High | Unreviewed | CVE-2023-29505 was published Aug 4, 2023

Mattermost fails to properly validate the origin of a websocket connection allowing a MITM...
High | Unreviewed | CVE-2023-3581 was published Jul 17, 2023

D-Link DSL-224 firmware version 3.0.10 allows post authentication command execution via an...
High | Unreviewed | CVE-2023-32223 was published Jun 28, 2023

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. If/when CSP (as a...
High | Unreviewed | CVE-2023-25188 was published Jun 16, 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker...
High | Unreviewed | CVE-2023-28349 was published May 31, 2023

A same-origin policy violation could have allowed the theft of cross-origin URL entries, leaking...
High | Unreviewed | CVE-2022-42927 was published Dec 22, 2022

An origin validation error vulnerability in Trend Micro Apex One agents could allow a local...
High | Unreviewed | CVE-2022-41749 was published Oct 11, 2022

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause...
High | Unreviewed | CVE-2022-26137 was published Jul 21, 2022

Origin validation error vulnerability in NeoRS’s ActiveX module allows attackers to download and...
High | Unreviewed | CVE-2022-23763 was published Jun 29, 2022

Yandex Browser for Android 20.8.4 allows remote attackers to perform SOP bypass and address bar...
High | Unreviewed | CVE-2020-27969 was published May 24, 2022

In Ping Identity RSA SecurID Integration Kit before 3.2, user impersonation can occur.
High | Unreviewed | CVE-2021-39270 was published May 24, 2022

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server ...
High | Unreviewed | CVE-2021-31718 was published May 24, 2022

An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the...
High | Unreviewed | CVE-2020-35556 was published May 24, 2022

DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write...
High | Unreviewed | CVE-2021-27197 was published May 24, 2022

IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused...
High | Unreviewed | CVE-2020-4881 was published May 24, 2022

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the...
High | Unreviewed | CVE-2020-6881 was published May 24, 2022

A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7...
High | Unreviewed | CVE-2020-3864 was published May 24, 2022

A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and...
High | Unreviewed | CVE-2020-9903 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High | Unreviewed | CVE-2020-16952 was published May 24, 2022

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to...
High | Unreviewed | CVE-2020-16951 was published May 24, 2022

An issue was discovered in TitanHQ WebTitan before 5.18. It contains a Remote Code Execution...
High | Unreviewed | CVE-2019-19019 was published May 24, 2022

Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass...
High | Unreviewed | CVE-2019-8075 was published May 24, 2022

Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same...
High | Unreviewed | CVE-2019-8069 was published May 24, 2022

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep...
High | Unreviewed | CVE-2019-16235 was published May 24, 2022

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep...
High | Unreviewed | CVE-2019-16237 was published May 24, 2022