Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

124 advisories

Loading
A ZigBee coordinator, router, or end device may change their node ID when an unsolicited... Moderate Unreviewed
CVE-2024-7322 was published Jan 15, 2025
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated... Moderate Unreviewed
CVE-2023-23561 was published May 30, 2023
An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0... Moderate Unreviewed
CVE-2023-46715 was published Jan 14, 2025
Long hostnames in URLs could be leveraged to obscure the actual host of the website or spoof the... Moderate Unreviewed
CVE-2025-23109 was published Jan 11, 2025
Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user... Moderate Unreviewed
CVE-2023-28164 was published Jun 2, 2023
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10... Moderate Unreviewed
CVE-2023-2589 was published Jun 7, 2023
An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a... Moderate Unreviewed
CVE-2023-29751 was published Jun 9, 2023
An issue found in Facemoji Emoji Keyboard v.2.9.1.2 for Android allows a local attacker to cause... Moderate Unreviewed
CVE-2023-29753 was published Jun 9, 2023
An issue found in Twilight v.13.3 for Android allows unauthorized apps to cause a persistent... Moderate Unreviewed
CVE-2023-29756 was published Jun 9, 2023
A validation integrity issue was discovered in Fort through 1.6.4 before 2.0.0. RPKI manifests... Moderate Unreviewed
CVE-2024-56170 was published Dec 18, 2024
A cookie management issue was addressed with improved state management. This issue is fixed in... Moderate Unreviewed
CVE-2024-44212 was published Dec 12, 2024
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Sequoia 15.2.... Moderate Unreviewed
CVE-2024-54490 was published Dec 12, 2024
An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks... Moderate Unreviewed
CVE-2024-0009 was published Feb 14, 2024
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.7.2 and... Moderate Unreviewed
CVE-2022-46718 was published Jun 23, 2023
This issue was addressed with improved redaction of sensitive information. This issue is fixed in... Moderate Unreviewed
CVE-2023-28191 was published Jun 23, 2023
This issue was addressed with improved checks to prevent unauthorized actions. This issue is... Moderate Unreviewed
CVE-2022-42860 was published Jun 23, 2023
MSA FieldServer Gateway 5.0.0 through 6.5.2 allows cross-origin WebSocket hijacking. Moderate Unreviewed
CVE-2024-45495 was published Nov 29, 2024
An Improper access control vulnerability in Trend Micro Apex One and Apex One as a Service could... Moderate Unreviewed
CVE-2023-32553 was published Jun 27, 2023
An issue in Instrument Cluster KIA Seltos Software v1.0, Hardware v1.0 allows attackers to cause... Moderate Unreviewed
CVE-2024-51072 was published Nov 22, 2024
An issue in kodbox v.1.52.04 and before allows a remote attacker to obtain sensitive information... Moderate Unreviewed
CVE-2024-51037 was published Nov 15, 2024
The origin of an external protocol handler prompt could have been obscured using a data: URL... Moderate Unreviewed
CVE-2024-10460 was published Oct 29, 2024
Insufficient policy enforcement in Data Transfer in Google Chrome prior to 128.0.6613.84 allowed... Moderate Unreviewed
CVE-2024-7978 was published Aug 21, 2024
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed... Moderate Unreviewed
CVE-2022-4917 was published Jul 29, 2023
An attacker could have abused XSLT error handling to associate attacker-controlled content with... Moderate Unreviewed
CVE-2022-38472 was published Dec 22, 2022
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the... Moderate Unreviewed
CVE-2020-15652 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database